CVE-2021-29446 — Observable Discrepancy in Jose-node-cjs-runtime

CWE-203 — Observable Discrepancy CWE-208 — Observable Timing Discrepancy CWE-696 — Incorrect Behavior Order4 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.4%

top 39.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Panva Jose-node-cjs-runtime Jose-node-cjs-runtime Project Jose-node-cjs-runtime

Timeline

PublishedApr 16

Latest updateApr 19

Description

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to …

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5panva/jose-node-cjs-runtime< 3.11.4

▶NVDjose-node-cjs-runtime_project/jose-node-cjs-runtime< 3.11.4

▶npmjose-node-cjs-runtime_project/jose-node-cjs-runtime< 3.11.4

🔴Vulnerability Details

GHSA

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime↗2021-04-19

▶

OSV

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime↗2021-04-19

▶

CVEList

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime↗2021-04-16

▶