The vulnerability lies in how the joserfc library handles size validation for the parts of a JSON Web Token (JWT). When a component of the token (the header, payload, or signature) exceeds a predefined size limit, the library raises an ExceededSizeError exception. The core of the vulnerability is that the exception message embeds the raw, oversized data, so the message is at least as large as the rejected component. If an application logs these exceptions, which is common in production error handlers, an attacker who sends a maliciously crafted, oversized JWT forces the application to write an extremely large string to its logs. Repeated requests lead to uncontrolled resource consumption (Denial of Service) on the application host or in the logging infrastructure.
The analysis of the provided patches confirms this behavior. The commits 63932f169d924caffafa761af2122b82059017f7 and 673c8743fd0605b0e1de6452be6cba75f44e466b modify several validation functions across src/joserfc/_rfc7515/registry.py and src/joserfc/_rfc7516/registry.py. In each case, the change removes the raw data (e.g., {header!r}, {payload!r}) from the f-string used to build the ExceededSizeError message, so the message no longer scales with the input. The modified functions are the exact locations where the vulnerable behavior occurs: during exploitation, a profiler would show these validation functions being called just before the ExceededSizeError is raised and subsequently logged.
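The following is an added example, not joserfc's own code: it models the size-check pattern described above with a stand-in ExceededSizeError and a constructed limit, and measures how many characters reach the log when the raw data is embedded in the message ('before') versus when only the length is reported ('after').

```python
# Added example; class and function names and the size limit are constructed,
# they are not joserfc's real identifiers or limits.
import logging

MAX_HEADER_SIZE = 256  # constructed limit for the demonstration


class ExceededSizeError(ValueError):
    """Stand-in for the library's exception of the same name."""


def check_header_size_vulnerable(header: bytes) -> None:
    """'Before' pattern: the repr of the oversized data goes into the message."""
    if len(header) > MAX_HEADER_SIZE:
        raise ExceededSizeError(f"Header size exceeds limit: {header!r}")


def check_header_size_fixed(header: bytes) -> None:
    """'After' pattern: only the observed length and the limit are reported."""
    if len(header) > MAX_HEADER_SIZE:
        raise ExceededSizeError(
            f"Header size {len(header)} exceeds limit of {MAX_HEADER_SIZE} bytes"
        )


class _CaptureHandler(logging.Handler):
    """Collects formatted log lines so their size can be measured."""

    def __init__(self) -> None:
        super().__init__()
        self.messages: list[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.messages.append(self.format(record))


def logged_message_length(check, header: bytes) -> int:
    """Run a validator the way a typical error handler would (catch and log)
    and return the total number of characters written to the log."""
    logger = logging.getLogger("jwt-size-demo")
    logger.propagate = False
    handler = _CaptureHandler()
    logger.addHandler(handler)
    try:
        check(header)
    except ExceededSizeError as exc:
        logger.error("token rejected: %s", exc)
    finally:
        logger.removeHandler(handler)
    return sum(len(m) for m in handler.messages)
```

With a 100,000-byte header the vulnerable variant logs more than 100,000 characters, while the fixed variant logs a line of a few dozen characters regardless of input size.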
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| joserfc | pip | >= 1.3.3, < 1.3.5 | 1.3.5 |
| joserfc | pip | >= 1.4.0, < 1.4.2 | 1.4.2 |