AZL-36936 CVE-2023-37464 affecting package cjose for versions less than 0.6.2.2-7

OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug...

PT-2023-25978 · Unknown +7 · Openidc/Cjose +7

Name of the Vulnerable Software and Affected Versions: OpenIDC/cjose versions prior to 0.6.2.2 Description: The AES GCM decryption routine in OpenIDC/cjose incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE, instead of the fixed length of 16 octets specified in...

cjose 加密问题漏洞

Cisco cjose is a C library from Cisco that implements Javascript Object Signing and Encryption JOSE. A cryptographic issue vulnerability exists in cjose that stems from the AES GCM decryption routines incorrectly using the length of the tag in the actual authentication tag provided in JWE...

github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack

Summary Decrypting AES-CBC encrypted JWE has Potential Padding Oracle Attack Vulnerability. Details On v2.0.10, decrypting AES-CBC encrypted JWE may return an error "failed to generate plaintext from decrypted blocks: invalid padding":...

GHSA-JV3G-J58F-9MQ9 JOSE vulnerable to resource exhaustion via specifically crafted JWE

The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c PBES2 Count, which determines how many PBKDF2 iterations must be executed in order to derive a CEK wrapping key. The purpose of this parameter is to intentionally slow down the key derivation function in order...

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

UBUNTU-CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

CVE-2022-38493

CVE-2022-38493 affects Rhonabwy 0.9.99 through 1.1.x prior to 1.1.7, where the RSA private key length is not validated before RSA-OAEP decryption. The underlying issue allows an attacker to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. Multiple connected sources (Red Ha...

PT-2022-24426 · Rhonabwy · Rhonabwy

Name of the Vulnerable Software and Affected Versions: Rhonabwy versions 0.9.99 through 1.1.x before 1.1.7 Description: The issue allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token, as the software does not check the RSA private key length before RSA-OAEP...

Fedora: Security Advisory for golang-gopkg-square-jose-2 (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-gopkg-square-jose-2-2.6.0-4.fc36

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, JSON Web Signature, and JSON Web Token standards...

Fedora: Security Advisory for golang-gopkg-square-jose-2 (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-gopkg-square-jose-2-2.6.0-3.fc36

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, JSON Web Signature, and JSON Web Token standards...

jose-browser-runtime 安全漏洞

npm jose-browser-runtime is an application from the US company npm. Generic " JSON Web almost everything " - JWA, JWS, JWE, JWT, JWK using native encryption runtime without dependencies. A security vulnerability exists in jose-browser-runtime, which stems from the possibility of a noticeable time...

JSON Libraries Patched Against Invalid Curve Crypto Attack

A number of JSON libraries using the JSON Web Encryption specification JWE to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key. Researcher Antonio Sanso of Adobe said the go-jose, node-jose, jose2go, Nimbus JOSE+WT and jose4...

Internet Bug Bounty: Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516 Invalid Curve attack

We found an issue in the JWE specification where it fails to warn the implementers about Invalid Curve attack. We found several libraries to be vulnerable : node-jose, jose2go, Nimbus JOSE+JWT and jose4j and in the process of filing an errata for the RFC. We report the vulnerabilities to the...

Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516

tl;dr if you are using go-jose, node-jose, jose2go, Nimbus JOSE+JWT or jose4j with ECDH-ES please update to the latest version. RFC 7516 aka JSON Web Encryption JWE hence many software libraries implementing this specification used to suffer from a classic Invalid Curve Attack. This would allow a...