Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime

Severity:: Medium

Description

AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown.

Recommendation

Update the jose-node-cjs-runtime package to the latest compatible version. Followings are version details:

Affected version(s): < 3.11.4
Patched version(s): 3.11.4

References

GHSA-rvcw-f68w-8h8h
www.npmjs.com
CVE-2021-29446
CWE-203
CWE-208
CWE-696
CAPEC-310
OWASP 2021-A6

Related Issues

@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user - CVE-2025-61668
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID) - CVE-2024-56334
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled - CVE-2024-51752
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS - CVE-2024-43788

Tags:: npm; jose-node-cjs-runtime

Anything's wrong? Let us know Last updated on March 17, 2023