PT-2025-43412 · Oauthlib+3

Published 2025-10-10 · Updated 2026-06-03 · CVE-2025-62706

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Authlib versions prior to 1.6.5

Description: Authlib’s JWE implementation, specifically when handling the zip=DEF option, is susceptible to a denial of service. A small ciphertext can expand to a very large plaintext during decompression because the DEFLATE decompression is unbounded. An attacker who can supply decryptable tokens can exploit this to exhaust memory and CPU resources, leading to a denial of service. The issue stems from the use of zlib.decompress without a maximum output limit in the DeflateZipAlgorithm.decompress function; the JWE decode flow applies this decompression without any size restriction. The vulnerability can be reproduced by crafting a small zip=DEF ciphertext that inflates to a very large plaintext during decryption. The impact is a high-severity availability disruption; there is no direct confidentiality or integrity impact.

Recommendations (versions prior to 1.6.5):
- Reject or strip zip=DEF for inbound JWEs at the application boundary.
- Add a bounded decompression guard that returns an error when the output exceeds a safe limit.
- Enforce strict maximum token sizes and fail fast on oversized inputs, combining this with rate limiting.
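The three recommendations above, worked through as an added example; this is not Authlib's code, and the size bounds, function names, DecompressionLimitExceeded and the placeholder JWE segments in DEF_TOKEN are assumptions chosen for illustration. The guard uses zlib.decompressobj with max_length so that memory use is capped regardless of the compression ratio, which is what plain zlib.decompress(data) lacks.

```python
import base64
import json
import zlib

# Assumed application-level bounds (not Authlib's own constants); tune per deployment.
MAX_TOKEN_BYTES = 16 * 1024       # fail fast on oversized inbound compact JWEs
MAX_PLAINTEXT_BYTES = 64 * 1024   # hard ceiling for an inflated zip=DEF payload

class DecompressionLimitExceeded(ValueError): """zip=DEF payload would inflate past the bound."""

def check_inbound_jwe(token: str, allow_deflate: bool = False) -> dict:
    """Boundary policy: cap token size, reject zip=DEF unless allowed, return the header."""
    if len(token) > MAX_TOKEN_BYTES:
        raise ValueError("JWE rejected: token exceeds size limit")
    protected = token.split(".", 1)[0]
    protected += "=" * (-len(protected) % 4)            # restore base64url padding
    header = json.loads(base64.urlsafe_b64decode(protected))
    if "zip" in header and (header["zip"] != "DEF" or not allow_deflate):
        raise ValueError(f"JWE rejected: compression not permitted (zip={header['zip']!r})")
    return header

def bounded_inflate(data: bytes, max_output: int = MAX_PLAINTEXT_BYTES) -> bytes:
    """Inflate raw DEFLATE (wbits=-15, as zip=DEF uses) with a hard output bound.
    Unlike zlib.decompress(data), the buffer never exceeds max_output + 1 bytes."""
    d = zlib.decompressobj(wbits=-15)
    out = bytearray()
    pending = data
    while pending:
        # Request at most the remaining budget plus one sentinel byte; if the
        # sentinel arrives the payload is over budget and inflation stops here.
        out += d.decompress(pending, max_output - len(out) + 1)
        if len(out) > max_output:
            raise DecompressionLimitExceeded(f"payload inflates beyond {max_output} bytes")
        pending = d.unconsumed_tail
        if d.eof:
            break
    if not d.eof:
        raise ValueError("truncated DEFLATE stream")
    return bytes(out)

def deflate(data: bytes) -> bytes:
    """Raw DEFLATE compressor, used only to build the constructed samples below."""
    c = zlib.compressobj(level=9, wbits=-15)
    return c.compress(data) + c.flush()

# Constructed samples: normal claims; DEFLATE of 8 MiB of zeros (the input shape the advisory describes); a zip=DEF header on placeholder segments.
NORMAL_PAYLOAD = deflate(b'{"sub":"alice","scope":"read"}')
HIGH_RATIO_PAYLOAD = deflate(b"\0" * (8 * 1024 * 1024))
DEF_TOKEN = base64.urlsafe_b64encode(b'{"alg":"dir","enc":"A256GCM","zip":"DEF"}').decode().rstrip("=") + "..iv.ct.tag"
```

bounded_inflate(HIGH_RATIO_PAYLOAD) raises after producing 64 KiB + 1 bytes instead of allocating 8 MiB, while NORMAL_PAYLOAD round-trips unchanged.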

Exploit · Fix · DoS · Resource Exhaustion · Allocation of Resources Without Limits


Weakness Enumeration

Related Identifiers

CVE-2025-62706
DLA-4352-1
GHSA-G7F3-828F-7H7M
SUSE-SU-2025:3842-1
USN-8065-1

Affected Products

Oauthlib
Debian
Linuxmint
Ubuntu