7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-65945

CVE-2025-65945: auth0/node-jws Improperly Verifies HMAC Signature

Overview

An improper signature verification vulnerability exists when using auth0/node-jws with the HS256 algorithm under specific conditions.

Am I Affected?

You are affected by this vulnerability if you meet all of the following preconditions:

Application uses the auth0/node-jws implementation of JSON Web Signatures, versions <=3.2.2 || 4.0.0
Application uses the jws.createVerify() function for HMAC algorithms
Application uses user-provided data from the JSON Web Signature Protected Header or Payload in the HMAC secret lookup routines

You are NOT affected by this vulnerability if you meet any of the following preconditions:

Application uses the jws.verify() interface (note: auth0/node-jsonwebtoken users fall into this category and are therefore NOT affected by this vulnerability)
Application uses only asymmetric algorithms (e.g. RS256)
Application doesn’t use user-provided data from the JSON Web Signature Protected Header or Payload in the HMAC secret lookup routines

Fix

Upgrade auth0/node-jws version to version 3.2.3 or 4.0.1

Acknowledgement

Okta would like to thank Félix Charette for discovering this vulnerability.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-65945

CVE-2025-65945:

7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
jws	npm	< 3.2.3	3.2.3
jws	npm	= 4.0.0	4.0.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability lies in the jws library's streaming interface, specifically in the createVerify function, which constructs a VerifyStream. The core issue is an improper verification of the cryptographic signature when using HMAC-based algorithms (e.g., HS256). The VerifyStream constructor failed to validate that a secret key was actually provided. An attacker could craft a JWS token and manipulate the application's key lookup logic (e.g., by providing a specific kid in the header) to cause it to return null or undefined for the secret. The vulnerable code would then attempt to verify the signature using this null key, leading to a successful but insecure verification.

The patch addresses this by adding an explicit check in the constructors of both VerifyStream and SignStream. This check tests if an HMAC algorithm is being used (/^hs/i.test(...)) and if the secret is null or undefined. If both conditions are true, it throws a TypeError, preventing the use of a null key and mitigating the vulnerability. The function VerifyStream is the primary vulnerable function as it's directly responsible for the insecure signature verification that an attacker would exploit.

Vulnerable functions

VerifyStream

lib/verify-stream.js

The `VerifyStream` constructor, which is invoked by `jws.createVerify`, is vulnerable. Prior to the patch, it did not ensure that a secret or key was provided when using an HMAC algorithm (like HS256). If an application's key lookup logic, potentially influenced by attacker-controlled values in the JWS header, returned `null` or `undefined`, the signature verification would proceed with a null key. This allows an attacker to forge a signature that the application would incorrectly validate, bypassing authentication or integrity checks.

SignStream

lib/sign-stream.js

The `SignStream` constructor, invoked by `jws.createSign`, contained a similar flaw to `VerifyStream`. It allowed the creation of a signature stream for an HMAC algorithm without a valid secret. While the primary exploit is in the verification process, this function also implements the same insecure logic of allowing null keys for symmetric algorithms. The patch applies the same fix, requiring a secret for HMAC algorithms during signing.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-65945: auth0/node-jws Improperly Verifies HMAC Signature

Overview

Am I Affected?

Fix

Acknowledgement

CVE-2025-65945:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2025-65945: auth0/node-jws Improperly Verifies HMAC Signature

Overview

Am I Affected?

Fix

Acknowledgement

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

7.5

7.5

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI