CVE-2025-54887
BaseFortify
Publication date: 2025-08-08
Last updated on: 2025-08-08
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ruby | jwe | 1.1.0 |
| ruby | jwe | 1.1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-354 | The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the jwe Ruby library (version 1.1.0 and below), which implements the JSON Web Encryption (JWE) standard. The issue allows attackers to brute force authentication tags of encrypted JWEs, potentially leading to loss of confidentiality. Attackers can modify JWEs to decrypt to arbitrary values by exploiting parsing differences and recovering the internal GHASH key used in AES-GCM encryption. This means encrypted data can be tampered with or decrypted improperly. The vulnerability is fixed in version 1.1.1.
How can this vulnerability impact me? :
This vulnerability can lead to loss of confidentiality of encrypted data protected by the jwe library. Attackers may decrypt or modify encrypted JWEs to arbitrary values, compromising data security. Even users not using AES-GCM encryption are affected because the GHASH key may be recovered. After upgrading, users must rotate encryption keys to prevent further risk.
What immediate steps should I take to mitigate this vulnerability?
Upgrade the jwe Ruby library to version 1.1.1 or later to fix the vulnerability. After upgrading, rotate the encryption keys used for JWEs to prevent potential misuse due to leaked GHASH keys.