CVE-2017-11424

NameCVE-2017-11424
DescriptionIn PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string `-----BEGIN RSA PUBLIC KEY-----` which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an attacker to craft JWTs from scratch.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-3979-1
Debian Bugs873244

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
pyjwt (PTS)jessie, jessie (lts)0.2.1-1+deb8u2fixed
stretch (security), stretch (lts), stretch1.4.2-1+deb9u1fixed
buster1.7.0-2fixed
bullseye1.7.1-2fixed
bookworm2.6.0-1fixed
sid, trixie2.7.0-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
pyjwtsourcejessie0.2.1-1+deb8u2DSA-3979-1
pyjwtsourcestretch1.4.2-1+deb9u1DSA-3979-1
pyjwtsource(unstable)1.4.2-1.1873244

Notes

https://github.com/jpadilla/pyjwt/pull/277

Search for package or bug name: Reporting problems