From 75fa9b4a4328066ab1e8e1296ca9cfecfaeb6a69 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 26 Apr 2024 15:48:53 +0200
Subject: Add two new issues in python-jose

---
 data/CVE/list | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index cabf0ee119..d7473bb994 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44,9 +44,12 @@ CVE-2024-33666 (An issue was discovered in Zammad before 6.3.0. Users with custo
 CVE-2024-33665 (angular-translate through 2.19.1 allows XSS via a crafted key that is  ...)
 	TODO: check
 CVE-2024-33664 (python-jose through 3.3.0 allows attackers to cause a denial of servic ...)
-	TODO: check
+	- python-jose <unfixed>
+	NOTE: https://github.com/mpdavis/python-jose/issues/344
+	NOTE: https://github.com/mpdavis/python-jose/pull/345
 CVE-2024-33663 (python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA k ...)
-	TODO: check
+	- python-jose <unfixed>
+	NOTE: https://github.com/mpdavis/python-jose/issues/346
 CVE-2024-33661 (Portainer before 2.20.0 allows redirects when the target is not index. ...)
 	NOT-FOR-US: Portainer
 CVE-2024-33651 (Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gi ...)
-- 
cgit v1.2.3