PT-2025-32334 · Jwe · Jwe
Sideni
·
Published
2025-08-07
·
Updated
2025-10-05
·
CVE-2025-54887
CVSS v3.1
9.4
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
jwe versions 1.1.0 and below
Description
The authentication tag of encrypted JWEs can be brute forced, potentially leading to a loss of confidentiality and the ability to craft arbitrary JWEs. This allows modification of JWEs to decrypt to an arbitrary value and decryption by observing parsing differences. The GCM internal GHASH key can be recovered. Users are affected even if they do not use an AES-GCM encryption algorithm.
Recommendations
Upgrade to version 1.1.1.
Rotate the encryption keys after upgrading to version 1.1.1.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jwe