Fluid Attacks Database

Description

PyJWT vulnerable to key confusion attacks In PyJWT 1.5.0 and below the invalid_strings check in HMACAlgorithm.prepare_key does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an attacker to craft JWTs from scratch.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	pyjwt	>=0 <1.5.1	1.5.1
debian 11	pyjwt	>=0 <1.4.2-1.1	1.4.2-1.1
debian 13	pyjwt	>=0 <1.4.2-1.1	1.4.2-1.1
debian 14	pyjwt	>=0 <1.4.2-1.1	1.4.2-1.1
debian 12	pyjwt	>=0 <1.4.2-1.1	1.4.2-1.1

Aliases

1. CVE-2017-114242. NVD-2017-114243. OSV-2017-114244. OSV-DEBIAN-2017-114245. GCVE-2017-114246. SECURITY-TRACKER-CVE-2017-11424

References

1. https://github.com/jpadilla/pyjwt/pull/2772. https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2017-24.yaml3. http://www.debian.org/security/2017/dsa-3979

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.