| id: GO-2022-0945 |
| modules: |
| - module: gopkg.in/square/go-jose.v1 |
| versions: |
| - fixed: 1.1.0 |
| vulnerable_at: 1.0.0-20160831185616-c7581939a365 |
| packages: |
| - package: gopkg.in/square/go-jose.v1 |
| symbols: |
| - JsonWebSignature.Verify |
| - ecDecrypterSigner.decryptKey |
| - rawJsonWebKey.ecPublicKey |
| derived_symbols: |
| - JsonWebEncryption.Decrypt |
| - JsonWebKey.UnmarshalJSON |
| - package: gopkg.in/square/go-jose.v1/cipher |
| symbols: |
| - DeriveECDHES |
| - NewConcatKDF |
| - cbcAEAD.Seal |
| - cbcAEAD.computeAuthTag |
| - padBuffer |
| - resize |
| derived_symbols: |
| - cbcAEAD.Open |
| summary: Signature validation bypass in gopkg.in/square/go-jose.v1 |
| description: |- |
| The go-jose library suffers from multiple signatures exploitation. When |
| validating a signed message, the API did not indicate which signature was valid, |
| which creates the potential for confusion. |
| published: 2022-08-22T17:59:45Z |
| cves: |
| - CVE-2016-9122 |
| ghsas: |
| - GHSA-77gc-fj98-665h |
| credits: |
| - Quan Nguyen from Google's Information Security Engineering Team |
| references: |
| - advisory: https://www.openwall.com/lists/oss-security/2016/11/03/1 |
| - fix: https://github.com/square/go-jose/pull/111 |
| - fix: https://github.com/square/go-jose/commit/2c5656adca9909843c4ff50acf1d2cf8f32da7e6 |
| - web: https://github.com/square/go-jose/commit/789a4c4bd4c118f7564954f441b29c153ccd6a96 |
| - web: https://github.com/square/go-jose/commit/c7581939a3656bb65e89d64da0a52364a33d2507 |
| review_status: REVIEWED |