blob: 9df2fd3b69e93356aa47b90b079781016d2724ee [file] [log] [blame]
id: GO-2024-2632
modules:
- module: github.com/lestrrat-go/jwx
versions:
- fixed: 1.2.29
vulnerable_at: 1.2.28
packages:
- package: github.com/lestrrat-go/jwx/jwe
symbols:
- uncompress
- Decrypt
derived_symbols:
- Message.Decrypt
- module: github.com/lestrrat-go/jwx/v2
versions:
- fixed: 2.0.21
vulnerable_at: 2.0.20
packages:
- package: github.com/lestrrat-go/jwx/v2/jwe
symbols:
- uncompress
- Decrypt
- Settings
- decryptCtx.decryptContent
summary: |-
JWX vulnerable to a denial of service attack using compressed JWE message in
github.com/lestrrat-go/jwx
description: |-
An attacker with a trusted public key may cause a Denial-of-Service (DoS)
condition by crafting a malicious JSON Web Encryption (JWE) token with an
exceptionally high compression ratio. When this token is processed by the
recipient, it results in significant memory allocation and processing time
during decompression.
cves:
- CVE-2024-28122
ghsas:
- GHSA-hj3v-m684-v259
references:
- advisory: https://github.com/lestrrat-go/jwx/security/advisories/GHSA-hj3v-m684-v259
- fix: https://github.com/lestrrat-go/jwx/commit/d01027d74c7376d66037a10f4f64af9af26a7e34
- fix: https://github.com/lestrrat-go/jwx/commit/d43f2ceb7f0c13714dfe8854d6439766e86faa76
- web: https://github.com/lestrrat-go/jwx/releases/tag/v1.2.29
- web: https://github.com/lestrrat-go/jwx/releases/tag/v2.0.21
source:
id: GHSA-hj3v-m684-v259
created: 2024-05-17T15:43:27.61183-04:00
review_status: REVIEWED