VERACODE:44332 - JSON Web Token (JWT) Algorithm Confusion
Source: Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Published: 2023-11-21 07:14:41
Tags: json web token, algorithm confusion, vulnerability, fast-jwt, publickeypemmatcher, crypto.js, rsa public key, rs256 algorithm

CVSS3: 5.9 Medium
  Attack Vector: NETWORK
  Attack Complexity: HIGH
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: NONE
  Integrity Impact: HIGH
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score: 7 High (Confidence: Low)
EPSS: 0.001 Low (Percentile: 20.5%)

fast-jwt is vulnerable to JWT Algorithm Confusion. The vulnerability is caused by missing validation in the publicKeyPemMatcher constant defined in fast-jwt/src/crypto.js, which is meant to match all common PEM formats for public keys. An attacker can craft a malicious JWT using the HS256 algorithm, signed with the public RSA key of the victim application. The attack works only if the victim application uses a public key carrying the BEGIN RSA PUBLIC KEY header, verifies with the RS256 algorithm, and calls the JWT verify function without explicitly providing an algorithm.

Affected versions (CPE):
  Name: fast-jwt  Operator: le  Version: 3.3.1
