CVE-2021-29445: 
JavaScript vulnerability analysis and mitigation

The CVE-2021-29445 affects jose-node-esm-runtime npm package versions prior to 3.11.4. The vulnerability was discovered and disclosed in April 2021, impacting the AESCBCHMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) implementation in the package (GitHub Advisory).

The vulnerability exists in the decryption process where both HMAC tag verification and CBC decryption are executed, with a JWEDecryptionFailed error thrown if either fails. The key issue is an observable timing difference when padding errors occur during ciphertext decryption, creating a padding oracle vulnerability. The CVSS score is 5.9 (Medium) with a vector string of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (GitHub Advisory).

An adversary could potentially exploit this vulnerability to decrypt data without knowing the decryption key. This is achieved by making approximately 128*b calls to the padding oracle, where b represents the number of bytes in the ciphertext block (GitHub Advisory).

A patch was released in version 3.11.4 which ensures the HMAC tag is verified before performing CBC decryption. Users are advised to upgrade to version ^3.11.4 or later to address this vulnerability (GitHub Advisory).

The vulnerability was identified by Morgan Brown of Microsoft, and Eva Sarafianou (@esarafianou) assisted in scoring the advisory (GitHub Advisory).