Description
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service (DoS) via CPU exhaustion. When the library decrypts a JSON Web Encryption (JWE) token using Password-Based Encryption (PBES2) algorithms, it reads the p2c (PBES2 Count) parameter directly from the token's protected header. This parameter defines the number of iterations for the PBKDF2 key derivation function. Because joserfc does not validate or bound this value, an attacker can specify an extremely large iteration count (e.g., 2^31 - 1), forcing the server to expend massive CPU resources processing a single token. This vulnerability exists at the JWA layer and impacts all high-level JWE and JWT decryption interfaces if PBES2 algorithms are allowed by the application's policy.
Published: 2026-03-03
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch Now
AI Analysis

Impact

A resource exhaustion vulnerability exists in the Python library joserfc, which implements JSON Object Signing and Encryption standards. When decrypting a JWE token that uses Password-Based Encryption (PBES2) algorithms, the library reads the PBES2 Count (p2c) value directly from the token's protected header without validating or bounding it. Because this count defines the number of PBKDF2 iterations, an attacker can supply an astronomically large iteration count, such as 2^31 - 1, thereby forcing the server to perform intensive CPU work for a single token, resulting in a denial of service.

Affected Systems

The affected product is joserfc from authlib, version 1.6.2 and all earlier releases. Any deployment that processes JWE or JWT tokens with PBES2 algorithms and relies on this library is susceptible, especially applications that allow such algorithms without stricter policy enforcement.

Risk and Exploitability

The CVSS score of 7.5 indicates a high impact, while the EPSS score of less than 1% suggests a very low probability of widespread exploitation as of the current data. The vulnerability is not presently listed in CISA’s KEV catalog. The most likely attack vector is an unauthenticated malicious actor crafting a specially formed JWE token containing a large PBES2 Count value and sending it to the target application; the server then expends disproportionate CPU resources during decryption. Because no privileged state or remote code execution is required, the attack’s success depends on the application’s allowance of PBES2 algorithms and the absence of input validation on the p2c field.

Generated by OpenCVE AI on April 17, 2026 at 13:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade joserfc to version 1.6.3 or later. This release includes a bound check that limits the PBES2 Count (p2c) to a reasonable maximum to prevent CPU exhaustion.
  • Disable PBES2 algorithms in your JWT/JWE processing policy or enforce a stricter policy that only allows approved algorithms. This removes the risk entirely if your application can function without these algorithms.
  • Add custom input validation or a rate limiter to bound or sanitize the p2c parameter before it is passed to the library, ensuring that unusually large iteration counts cannot trigger excessive CPU usage.
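The third action above, a pre-decryption guard, as an added example that is not part of this record or of joserfc's own code: it parses a compact JWE's protected header, enforces an algorithm allowlist and a p2c bound, and raises before the token reaches any library decrypt call. The bound MAX_P2C, the names check_jwe_header and RejectedToken, and the sample tokens are all constructed for this example.

```python
import base64
import json

# Added example, not joserfc's own code: a guard that inspects a compact JWE's
# protected header and rejects PBES2 tokens whose p2c (PBKDF2 iteration count)
# exceeds a bound, before the token reaches any JOSE library's decrypt call.

MAX_P2C = 100_000  # example bound; tune to what your own PBES2 tokens use
PBES2_ALGS = {"PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"}


class RejectedToken(ValueError):
    """Raised when a token fails the header policy check."""


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def check_jwe_header(token: str, allowed_algs: set, max_p2c: int = MAX_P2C) -> dict:
    """Enforce alg allowlist and p2c bound; return the decoded header on success."""
    parts = token.split(".")
    if len(parts) != 5:
        raise RejectedToken("not a compact JWE (expected 5 segments)")
    try:
        header = json.loads(_b64url_decode(parts[0]))
    except (ValueError, UnicodeDecodeError) as exc:
        raise RejectedToken("protected header is not valid base64url JSON") from exc
    if not isinstance(header, dict):
        raise RejectedToken("protected header must be a JSON object")
    alg = header.get("alg")
    if alg not in allowed_algs:
        raise RejectedToken(f"alg {alg!r} not permitted by policy")
    if alg in PBES2_ALGS:
        p2c = header.get("p2c")
        # RFC 7518 requires a positive integer; exclude bool (an int subclass).
        if isinstance(p2c, bool) or not isinstance(p2c, int) or p2c < 1:
            raise RejectedToken("p2c missing or not a positive integer")
        if p2c > max_p2c:
            raise RejectedToken(f"p2c={p2c} exceeds bound {max_p2c}")
    return header


def _make_token(header: dict) -> str:
    # Constructed sample: only the protected header matters to the guard, so
    # the remaining four segments are placeholders.
    h = base64.urlsafe_b64encode(json.dumps(header).encode()).decode().rstrip("=")
    return ".".join([h, "ek", "iv", "ct", "tag"])


# Constructed samples: the 2^31 - 1 count from the advisory, and a modest one.
HOSTILE = _make_token({"alg": "PBES2-HS256+A128KW", "enc": "A128GCM", "p2c": 2**31 - 1})
BENIGN = _make_token({"alg": "PBES2-HS256+A128KW", "enc": "A128GCM", "p2c": 10_000})
```

Call check_jwe_header on every inbound token before decryption; the same allowlist argument also implements the second action when PBES2 algorithms are simply left out of it.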

Advisories
Source: Github GHSA
ID: GHSA-w5r5-m38g-f9f9
Title: joserfc's PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
History

Thu, 05 Mar 2026 18:15:00 +0000

Values added:
  • First Time appeared: Hsiaoming; Hsiaoming joserfc
  • CPEs: cpe:2.3:a:hsiaoming:joserfc:*:*:*:*:*:python:*:*
  • Vendors & Products: Hsiaoming; Hsiaoming joserfc

Wed, 04 Mar 2026 22:15:00 +0000

Values added:
  • Metrics (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Mar 2026 15:00:00 +0000

Values added:
  • First Time appeared: Authlib; Authlib joserfc
  • Vendors & Products: Authlib; Authlib joserfc

Tue, 03 Mar 2026 23:00:00 +0000

Values added:
  • Description: (identical to the Description section at the top of this page)
  • Title: joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
  • Weaknesses: CWE-770
  • References:
  • Metrics (cvssV3_1): {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-04T21:20:55.097Z

Reserved: 2026-02-25T03:11:36.688Z

Link: CVE-2026-27932

Vulnrichment

Updated: 2026-03-04T21:20:50.283Z

NVD

Status: Analyzed

Published: 2026-03-03T23:15:56.050

Modified: 2026-03-05T18:00:44.620

Link: CVE-2026-27932

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T13:30:19Z

Weaknesses