CVE-2024-28176 in jose
Summary
by MITRE • 03/09/2024
jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5.
Analysis
by VulDB Data Team • 12/05/2025
CVE-2024-28176 affects the jose JavaScript module, a widely used implementation of the JSON Object Signing and Encryption standards (JWT, JWS, JWE, JWK and JWKS) that sits in the authentication and token-handling path of many web applications. The flaw is in the JSON Web Encryption decryption interfaces, and only on the code path taken when the JWE protected header carries the "zip" parameter: the library decrypts the ciphertext and then decompresses the resulting plaintext, and it is that decompression step that can be turned into a resource-exhaustion attack.
The defect is the absence of a bound on the size of the decompressed plaintext. RFC 7516 allows a JWE to be compressed with DEFLATE before encryption (protected header "zip": "DEF"), so the decryptor first verifies and decrypts the ciphertext and only then inflates the result. Because DEFLATE can encode highly repetitive data at ratios of roughly 1000:1, a token of a few kilobytes can carry a DEFLATE stream that inflates to hundreds of megabytes; the decryptor allocates that output and spends the CPU time producing it before the application ever sees the plaintext (a decompression bomb, not an infinite loop or exponential algorithm). The inflation happens only after the authentication tag has been verified, which is the "certain conditions" in the advisory: the attacker must be able to produce a JWE the recipient will accept, either by holding the symmetric key or, with asymmetric key management, simply by encrypting to the recipient's public key. The vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption), which matches the observed excessive CPU time and memory usage, and it is a denial-of-service condition rather than a confidentiality or integrity break.
The operational impact goes beyond a single slow request. An attacker who can submit JWE tokens to a decryption endpoint can send crafted compressed tokens that make the process allocate and fill large buffers on every call, until the Node.js event loop stalls or the process exceeds its memory limit and is killed. Any application that decrypts JWEs with an affected jose version is exposed, including authentication services, API gateways and any service consuming encrypted JSON payloads, and because decryption typically happens on a shared worker, a handful of concurrent requests can starve unrelated traffic in a high-volume deployment. In ATT&CK terms this maps to T1499 (Endpoint Denial of Service), sub-technique T1499.004 (Application or System Exploitation).
Mitigation starts with upgrading to the patched releases, 2.0.7 for the 2.x line and 4.15.5 for the 4.x line. The fix does not change the decryption itself; it caps the size of the inflated plaintext (250 kB by default) and lets callers that legitimately need larger compressed payloads supply their own inflate function through the `inflateRaw` decryption option. jose 5.x removed support for the "zip" header altogether, so it is not affected. Organizations should inventory every service that depends on jose (lockfiles and SBOMs make this straightforward) and roll the patch out across that inventory. Beyond patching, the most effective application-level control is to reject any JWE whose protected header contains "zip" before decrypting it if the application never issues compressed tokens; this is a cheap check on a base64url-decoded header and removes the attack surface entirely. Rate limiting on decryption endpoints, per-process memory limits, and alerting on unusual CPU or memory consumption during decryption operations reduce blast radius and give detection a signal, while logging of rejected tokens helps identify exploitation attempts.