CVE-2021-29444 — Observable Discrepancy in Jose

CWE-203 — Observable Discrepancy4 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.4%

top 39.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Panva Jose Jose-node-cjs-runtime Project Jose-node-cjs-runtime

Timeline

PublishedApr 16

Latest updateApr 19

Description

jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to m…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶NVDjose-node-cjs-runtime_project/jose-node-cjs-runtime< 3.11.4

▶CVEListV5panva/jose< 3.11.4

🔴Vulnerability Details

GHSA

Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime↗2021-04-19

▶

OSV

Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime↗2021-04-19

▶

CVEList

Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime↗2021-04-16

▶