LibJWT is a C JSON Web Token library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parser for RSA-PSS keys did not guard against a NULL value where it expected to read a JSON string. A specially crafted JWK file could trigger this by supplying integers in members where the code expected a string: the string accessor returns NULL for such a value, and the parser went on to use that NULL without checking it.
This was fixed in v3.3.0. As a workaround, do not import keys from JWK files obtained from untrusted sources.
Use the `jwk2key` tool to check a JWK file for validity before importing it. Likewise, where possible, do not use JWK files containing RSA-PSS keys until the library is upgraded.
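The failure above is a type confusion at the JSON layer: the C parser asks for a string member, gets NULL because the member is a number, and never checks. The following is an added example, not LibJWT code and not the `jwk2key` tool; it is a stand-alone pre-import check that rejects a JWK (or JWK Set) in which any member the importer will read as a string is not a string, so a crafted file never reaches a C parser that trusts it. It assumes the RSA member names from RFC 7517 and RFC 7518 and that the parameters are unpadded base64url; the sample keys are constructed dummies, not real key material.

```python
import json
import re

# RSA JWK members (RFC 7517 section 4, RFC 7518 section 6.3). The public
# members are mandatory; private members are optional but, when present,
# must be base64url strings just like the public ones.
RSA_REQUIRED = ("kty", "n", "e")
RSA_OPTIONAL = ("d", "p", "q", "dp", "dq", "qi")
STRING_META = ("alg", "kid", "use")

# Unpadded base64url, the only encoding RFC 7518 allows for RSA parameters.
_B64URL = re.compile(r"^[A-Za-z0-9_-]+$")


def rsa_jwk_problems(jwk):
    """Return the reasons a single RSA JWK must not be handed to a key
    importer. An empty list means every member the importer will read as a
    string really is a string (and looks like base64url where it should)."""
    if not isinstance(jwk, dict):
        return ["JWK is not a JSON object"]
    problems = []
    if jwk.get("kty") != "RSA":
        problems.append("kty is %r, expected the string 'RSA'" % (jwk.get("kty"),))
    for name in RSA_REQUIRED:
        if name not in jwk:
            problems.append("missing required member %r" % name)
    for name in RSA_REQUIRED + RSA_OPTIONAL + STRING_META:
        if name not in jwk:
            continue
        value = jwk[name]
        if not isinstance(value, str):
            # This is the shape of the crafted input from the advisory: a JSON
            # number (or null/bool/array/object) where a string is expected.
            problems.append("member %r is %s, expected string"
                            % (name, type(value).__name__))
        elif name in RSA_REQUIRED[1:] + RSA_OPTIONAL and not _B64URL.match(value):
            problems.append("member %r is not unpadded base64url" % name)
    return problems


def check_jwk_document(text):
    """Validate a JWK or a JWK Set (RFC 7517 section 5) given as JSON text.
    Returns {key index: [problems]}; an empty dict means safe to import."""
    doc = json.loads(text)
    keys = doc["keys"] if isinstance(doc, dict) and "keys" in doc else [doc]
    if not isinstance(keys, list):
        return {0: ["'keys' is not an array"]}
    report = {}
    for i, key in enumerate(keys):
        if isinstance(key, dict) and isinstance(key.get("kty"), str) \
                and key["kty"] != "RSA":
            continue  # EC/oct/OKP keys are out of scope for this check
        problems = rsa_jwk_problems(key)
        if problems:
            report[i] = problems
    return report


# Constructed sample inputs: dummy base64url values, not real keys.
GOOD_JWK = json.dumps({
    "kty": "RSA", "alg": "PS256", "kid": "constructed-1",
    "n": "sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1WlUzewbg",
    "e": "AQAB",
})

# Integers where strings belong, as the advisory describes.
CRAFTED_JWK = json.dumps({
    "kty": "RSA", "alg": "PS256",
    "n": 1234567890,
    "e": 65537,
})

# A key set where only the second key is malformed (null instead of a string).
CRAFTED_SET = json.dumps({"keys": [
    json.loads(GOOD_JWK),
    {"kty": "RSA", "alg": "PS256", "n": "AQAB", "e": None},
]})


if __name__ == "__main__":
    for label, text in (("good", GOOD_JWK), ("crafted", CRAFTED_JWK),
                        ("set", CRAFTED_SET)):
        report = check_jwk_document(text)
        print(label, "OK" if not report else report)
```

Run the check on any JWK file before passing it to a key importer written in C; a rejected file is dropped rather than parsed. This is a gate for untrusted input only and does not replace upgrading to v3.3.0, where the parser itself performs the type check.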
Vulnerable Products (1)

| Configuration | From (including) | Up to (excluding) |
|---|---|---|
| Libjwt / Libjwt (`cpe:2.3:a:libjwt:libjwt:*:*:*:*:*:*:*:*`) | 3.0.0 | 3.3.0 |