GHSA-mhpq-9638-x6pw: 
vulnerability analysis and mitigation

A denial of service vulnerability was discovered in github.com/dvsekhvalnov/jose2go affecting versions prior to 1.5.1-0.20231206184617-48ba0b76bc88. The vulnerability allows an attacker to cause a denial-of-service condition through a PBES2 encrypted JWE blob with a very large p2c (iteration count) value during decryption operations. The issue was disclosed on December 20, 2023, and has been assigned a moderate severity rating with a CVSS score of 5.3 (GitHub Advisory).

The vulnerability (GHSA-mhpq-9638-x6pw) is related to the PBES2-HMAC-AESKW algorithm implementation where there were no proper bounds checking for iteration counts. The issue has been classified as CWE-400 and received a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). The vulnerability specifically affects the decryption process when handling attacker-controlled input with excessive iteration counts (GitHub Advisory).

When exploited, this vulnerability can lead to denial of service conditions by forcing the system to perform an excessive number of hash iterations during the decryption process of PBES2 encrypted JWE blobs. This can result in significant resource consumption and potential service disruption (GitHub Advisory).

The vulnerability has been patched in version 1.5.1-0.20231206184617-48ba0b76bc88. The fix implements proper iteration count bounds checking in the PBES2-HMAC-AESKW algorithm by adding minimum and maximum iteration count guards (GitHub Commit).

The vulnerability was presented at Black Hat USA 2023 as part of a broader discussion on JSON Web Token attacks, indicating its significance in the security community (Black Hat).