Vulnerability DatabaseCVE-2017-11424
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2017-11424
August 24, 2017
In PyJWT 1.5.0 and below the "invalid_strings" check in "HMACAlgorithm.prepare_key" does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string "-----BEGIN RSA PUBLIC KEY-----" which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an attacker to craft JWTs from scratch.
Affected Packages
pyjwt (PYTHON):
Affected version(s) >=0.1.1 <1.5.1
Fix Suggestion:
Update to version 1.5.1
Related Resources (5)
https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2017-24.yaml
http://www.debian.org/security/2017/dsa-3979
https://github.com/jpadilla/pyjwt/pull/277
https://nvd.nist.gov/vuln/detail/CVE-2017-11424
https://github.com/jpadilla/pyjwt
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
HIGH
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE
CVSS v2
Base Score:
5
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
EPSS
Base Score:
1.30