Invalid Curve Attack

Module: node-jose

Published: March 13th, 2017

Reported by: Antonio Sanso

CVE-NONE

CWE-200

Vulnerable: <0.9.3
Patched: >=0.9.3

Overview

Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.

Proof of Concept

Remediation

Update to version 0.9.3 or later.

References

Intothesymmetry - Critical Vulnerability in JWT