VYPR
Moderate severity · NVD Advisory · Published Mar 6, 2024 · Updated Sep 9, 2024

JWCrypto vulnerable to JWT bomb Attack in `deserialize` function

CVE-2024-28102

Description

JWCrypto implements the JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service by submitting a malicious JWE token whose compressed payload has a very high compression ratio. When the server decrypts and decompresses such a token, it consumes a large amount of memory and processing time. Version 1.5.6 fixes this vulnerability by capping the size of compressed data the library will decompress (256 KiB by default).
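To make the mechanics concrete, here is an added Python example (not jwcrypto's own code) that inflates a JWE `zip: DEF` payload with the compressed-size cap the 1.5.6 fix introduces, plus an assumed cap on the decompressed output: raw DEFLATE can expand roughly 1000:1, so a 256 KiB input alone can still inflate to about 256 MiB. The function names, the output limit and the sample payloads are constructed for this example.

```python
import zlib

# Assumed limits: the 256 KiB compressed cap mirrors the 1.5.6 fix; the
# decompressed cap is a hypothetical defence-in-depth bound added here.
MAX_COMPRESSED_SIZE = 256 * 1024
MAX_DECOMPRESSED_SIZE = 4 * 1024 * 1024


class InvalidJWEData(Exception):
    """Stand-in for jwcrypto's exception of the same name."""


def inflate_jwe_payload(data, max_compressed=MAX_COMPRESSED_SIZE,
                        max_decompressed=MAX_DECOMPRESSED_SIZE):
    """Inflate a JWE 'zip': 'DEF' payload (raw DEFLATE, no zlib header)
    without letting a small token expand into an unbounded buffer."""
    # Check 1: the size of the compressed blob, as in the 1.5.6 fix.
    if len(data) > max_compressed:
        raise InvalidJWEData(
            f'Compressed data exceeds maximum allowed size ({max_compressed})')
    # Check 2: bound the output too. DEFLATE expands up to ~1000:1, so
    # check 1 alone still permits roughly 256 MiB of plaintext.
    d = zlib.decompressobj(-zlib.MAX_WBITS)
    out = d.decompress(data, max_decompressed + 1)
    if len(out) > max_decompressed or d.unconsumed_tail:
        raise InvalidJWEData(
            f'Decompressed data exceeds maximum allowed size ({max_decompressed})')
    if not d.eof:
        raise InvalidJWEData('Truncated or malformed compressed data')
    return out


def make_deflate(payload):
    """Raw DEFLATE the way a JWE producer emits it (wrapper stripped)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -zlib.MAX_WBITS)
    return c.compress(payload) + c.flush()


def check_token_payload(data):
    """Return (accepted, plaintext length or rejection reason)."""
    try:
        return True, len(inflate_jwe_payload(data))
    except InvalidJWEData as exc:
        return False, str(exc)


if __name__ == '__main__':
    # Constructed samples: a normal claim set, then a highly compressible one.
    print(check_token_payload(make_deflate(b'{"sub":"alice"}')))
    print(check_token_payload(make_deflate(b'u' * (8 * 1024 * 1024))))
```

The second sample stays far below the 256 KiB compressed cap yet is rejected by the output bound, which is the case the compressed-size check alone does not cover.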

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: jwcrypto (PyPI)
Affected versions: < 1.5.6
Patched versions: 1.5.6


Patches

90477a3b6e73

Address potential DoS with high compression ratio

https://github.com/latchset/jwcrypto · Simo Sorce · Mar 5, 2024 · via ghsa
2 files changed · +33 −0
  • jwcrypto/jwe.py · +7 −0 · modified
    @@ -10,6 +10,9 @@
     from jwcrypto.jwa import JWA
     from jwcrypto.jwk import JWKSet
     
    +# Limit the amount of data we are willing to decompress by default.
    +default_max_compressed_size = 256 * 1024
    +
     
     # RFC 7516 - 4.1
     # name: (description, supported?)
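Review bot: `default_max_compressed_size` is introduced as a bare module global with a one-line comment and no docstring or changelog entry, yet it is the only knob for the new limit; integrators (and the new test below) have to reassign the module attribute to change it. Suggest documenting it next to the existing `default_max_pbkdf2_iterations` tunable so deployments that legitimately handle larger compressed payloads know the setting exists and what the default of 256 KiB means for them.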
    @@ -422,6 +425,10 @@ def _decrypt(self, key, ppe):
     
             compress = jh.get('zip', None)
             if compress == 'DEF':
    +            if len(data) > default_max_compressed_size:
    +                raise InvalidJWEData(
    +                    'Compressed data exceeds maximum allowed'
    +                    'size' + f' ({default_max_compressed_size})')
                 self.plaintext = zlib.decompress(data, -zlib.MAX_WBITS)
             elif compress is None:
                 self.plaintext = data
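Review bot: the implicit string concatenation in the raised message is missing a space and yields "maximum allowedsize (262144)"; write `'Compressed data exceeds maximum allowed '` with a trailing space. More substantively, the guard bounds only the compressed length: `zlib.decompress(data, -zlib.MAX_WBITS)` still runs with no output limit, and DEFLATE can expand about 1000:1, so a token just under the cap can still inflate to roughly 256 MiB. Consider `zlib.decompressobj(-zlib.MAX_WBITS).decompress(data, max_length)` and rejecting when `unconsumed_tail` is non-empty, so the decompressed size is bounded as well.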
    
  • jwcrypto/tests.py · +26 −0 · modified
    @@ -2111,6 +2111,32 @@ def test_pbes2_hs256_aeskw_custom_params(self):
             jwa.default_max_pbkdf2_iterations += 2
             p2cenc.add_recipient(key)
     
    +    def test_jwe_decompression_max(self):
    +        key = jwk.JWK(kty='oct', k=base64url_encode(b'A' * (128 // 8)))
    +        payload = '{"u": "' + "u" * 400000000 + '", "uu":"' \
    +            + "u" * 400000000 + '"}'
    +        protected_header = {
    +            "alg": "A128KW",
    +            "enc": "A128GCM",
    +            "typ": "JWE",
    +            "zip": "DEF",
    +        }
    +        enc = jwe.JWE(payload.encode('utf-8'),
    +                      recipient=key,
    +                      protected=protected_header).serialize(compact=True)
    +        with self.assertRaises(jwe.InvalidJWEData):
    +            check = jwe.JWE()
    +            check.deserialize(enc)
    +            check.decrypt(key)
    +
    +        defmax = jwe.default_max_compressed_size
    +        jwe.default_max_compressed_size = 1000000000
    +        # ensure we can eraise the limit and decrypt
    +        check = jwe.JWE()
    +        check.deserialize(enc)
    +        check.decrypt(key)
    +        jwe.default_max_compressed_size = defmax
    +
     
     class JWATests(unittest.TestCase):
         def test_jwa_create(self):
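Review bot: if `check.decrypt(key)` in the second half raises, `jwe.default_max_compressed_size` is never restored to `defmax`, so the raised limit of 1000000000 leaks into every later test in the process; wrap the override in `try:`/`finally:`. The comment also has a typo ("eraise" for "raise"). Finally, the test builds a payload of roughly 800 million characters and decrypts it in full once the limit is raised, which makes the suite slow and memory-hungry; a few hundred KiB of incompressible random data would exceed the 256 KiB cap and exercise the same branch with far less memory.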
    
