Quan Nguyen

**Nome do software vulnerável e versões afetadas** Versões do Connect2id Nimbus JOSE+JWT anteriores à 9.37.2 Versões do Confluence Data Center e Server anteriores à 7.19.23 Versões do Confluence Data Center e Server anteriores à 8.5.11 Versões do Confluence Data Center e Server anteriores à 8.6.2 Versões do Confluence Data Center e Server anteriores à 8.7.2 Versões do Confluence Data Center e Server anteriores à 8.9.3 Versões do Bamboo Data Center e Server anteriores à 9.2.15 Versões do Bamboo Data Center e Server anteriores à 9.4.3 Versões do Bamboo Data Center e Server anteriores à 9.5.3 Versões do Bamboo Data Center e Server anteriores à 9.6.3 **Descrição** O problema está relacionado ao componente PasswordBasedDecrypter (PBKDF2) no Connect2id Nimbus JOSE+JWT. Um invasor pode causar uma negação de serviço (consumo de recursos) por meio de um valor grande no cabeçalho JWE p2c (também conhecido como contagem de iterações). Isso permite que um invasor não autenticado exponha ativos no ambiente suscetíveis a exploração, sem impacto na confidencialidade, sem impacto na integridade e com alto impacto na disponibilidade, sem exigir interação do usuário. **Recomendações** Para versões do Connect2id Nimbus JOSE+JWT anteriores à 9.37.2, atualize para a versão 9.37.2 ou posterior. Para versões do Confluence Data Center e Server anteriores à 7.19.23, atualize para a versão 7.19.23 ou posterior. Para versões do Confluence Data Center e Server anteriores à 8.5.11, atualize para a versão 8.5.11 ou posterior. Para versões do Confluence Data Center e Server anteriores à 8.6.2, atualize para a versão 8.6.2 ou posterior.

**Name of the Vulnerable Software and Affected Versions** go-jose versions prior to 1.0.4 **Description** The issue arises from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, the received public key on a message is not checked to be on the same curve as the static private key of the receiver. This allows an attacker to mount an invalid curve attack during decryption. **Recommendations** For go-jose versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. As a temporary workaround, consider validating the curve of the received public key against the receiver's private key curve before proceeding with the ECDH-ES algorithm. Restrict access to the ECDH-ES functionality until the update is applied to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** go-jose versions prior to 1.1.0 go-jose versions prior to 1.0.4 **Description** The go-jose library is affected by an issue related to multiple signatures exploitation. When validating a signed message, the API does not indicate which signature is valid. This could lead to confusion, as users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated. **Recommendations** For go-jose versions prior to 1.0.4, update to version 1.0.4 or later. For go-jose versions prior to 1.1.0, update to version 1.1.0 or later.

**Name of the Vulnerable Software and Affected Versions** go-jose versions prior to 1.0.5 **Description** The issue concerns an integer overflow in CBC-HMAC on 32-bit architectures, potentially leading to authentication bypass for CBC-HMAC encrypted ciphertexts. On 32-bit platforms, an attacker can manipulate ciphertext encrypted with AES-CBC with HMAC, allowing control over the input buffer size when computing the HMAC authentication tag. This could enable a manipulated ciphertext to be verified as authentic, making it vulnerable to padding oracle attacks. **Recommendations** For go-jose versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of CBC-HMAC encryption on 32-bit architectures until the update is applied.