PT-2021-18221 · Unknown · Jose-Node-Cjs-Runtime

Morgan Brown · Published 2021-04-16 · Updated 2023-03-21 · CVE-2021-29446

CVSS v3.1: 5.9 (Medium) · Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: jose-node-cjs-runtime versions prior to 3.11.4
Description: Decryption for the AES_CBC_HMAC_SHA2 algorithm family in the jose-node-cjs-runtime package performed CBC decryption and PKCS#7 unpadding before verifying the HMAC tag, so a padding failure took a measurably different amount of time from a tag failure. That timing difference is a padding oracle: an adversary who can submit modified ciphertexts and observe the response time can decrypt data without knowing the key, at a cost of about 128*b oracle calls per block on average, where b is the block size in bytes (16 for AES).
Recommendations: For versions prior to 3.11.4, upgrade to version 3.11.4 or later, which verifies the HMAC tag (in constant time) before performing CBC decryption, so a modified ciphertext never reaches the unpadding step.

Fix: version 3.11.4 (verifies the HMAC tag before CBC decryption)

Weakness Enumeration: Side Channel Attack

Related Identifiers: CVE-2021-29446, GHSA-RVCW-F68W-8H8H

Affected Products: jose-node-cjs-runtime