CVE-2025-68703
Key Derivation Weakness in Jervis Library Enables Encryption Key Reuse
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gleske | jervis | up to 2.2 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-326 | The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68703 is a vulnerability in the Jervis library versions prior to 2.2 where the salt used for the PBKDF2 key derivation function is deterministically derived from the password itself by taking the SHA-256 hash of the passphrase. This causes the same salt and thus the same derived key to be generated for repeated encryption operations using the same password. This design flaw enables pre-computation attacks, allowing attackers to reuse computed keys or precompute hashes for common passwords, significantly weakening the security of the key derivation process. The issue is fixed in version 2.2 by generating a random salt for each password and storing it alongside the ciphertext, ensuring unique key derivation even for the same password. [1]
How can this vulnerability impact me?
This vulnerability can impact you by weakening the security of encrypted data when using Jervis versions prior to 2.2. Because the salt is derived deterministically from the password, attackers can perform pre-computation attacks, potentially allowing them to recover encryption keys or decrypt data encrypted with the same password. This is considered a high severity risk for external consumers of the library, as it compromises confidentiality and security of encrypted information. The vulnerability is less severe for internal uses. The only mitigation is upgrading to Jervis version 2.2 or later. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying whether your system uses a Jervis version prior to 2.2, which derives the key derivation salt deterministically from sha256Sum(passphrase). Check the version of the Jervis library in your environment: with Maven you might run 'mvn dependency:list | grep jervis', or inspect your build files or dependency manifests. Since the vulnerability lies in the encryption implementation, inspecting the code or binaries for the vulnerable key derivation (salt = sha256Sum(passphrase).toLowerCase()) can also confirm it. No specific commands for detecting the vulnerability on the network or system are provided. [1]
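The version check described above can be automated. The following Python script is an added example, not part of the page or of the Jervis project: it parses constructed 'mvn dependency:list' output and flags any jervis artifact below the fixed version 2.2. The net.gleske:jervis Maven coordinate and the sample output lines are assumptions made for the illustration.

```python
import re
from typing import List, Tuple

# Constructed sample of `mvn dependency:list` output. The Maven coordinate
# net.gleske:jervis is an assumption; adjust it to what your build resolves.
SAMPLE_OUTPUT = """\
[INFO] The following files have been resolved:
[INFO]    org.yaml:snakeyaml:jar:2.2:compile
[INFO]    net.gleske:jervis:jar:2.1:compile
[INFO]    org.codehaus.groovy:groovy:jar:3.0.9:compile
"""

# First version that carries the fix, as stated in the advisory.
FIXED_VERSION = (2, 2)

# group:artifact:type:version:scope (classifier-less form of the listing).
DEP_RE = re.compile(r"^\[INFO\]\s+([\w.\-]+):([\w.\-]+):[\w\-]+:([\w.\-]+):\w+\s*$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.1' or '3.0.9' into a tuple of ints so '2.10' sorts after '2.2'.

    Non-numeric suffixes ('2.1-SNAPSHOT') are dropped after the numeric prefix.
    """
    nums = []
    for part in version.split("."):
        m = re.match(r"\d+", part)
        if not m:
            break
        nums.append(int(m.group()))
    return tuple(nums)


def find_vulnerable(listing: str, artifact: str = "jervis",
                    fixed: Tuple[int, ...] = FIXED_VERSION) -> List[Tuple[str, str, bool]]:
    """Return (coordinate, version, is_vulnerable) for every matching artifact."""
    hits = []
    for line in listing.splitlines():
        m = DEP_RE.match(line)
        if not m:
            continue
        group, art, ver = m.groups()
        if art != artifact:
            continue
        hits.append((f"{group}:{art}", ver, parse_version(ver) < fixed))
    return hits


if __name__ == "__main__":
    for coord, ver, vuln in find_vulnerable(SAMPLE_OUTPUT):
        status = "VULNERABLE (CVE-2025-68703)" if vuln else "fixed"
        print(f"{coord} {ver}: {status}")
```

Pipe the real listing in instead of the constructed sample; the tuple comparison avoids the string-ordering mistake where "2.10" would look older than "2.2".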
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Jervis library to version 2.2 or later, where the vulnerability is fixed by generating a random salt for each password and storing it alongside the ciphertext, ensuring unique key derivation. No other workarounds are available. Upgrading will also bring improvements such as migration to AES-256-GCM encryption and stronger RSA key handling. [1]
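To make the weakness described in the first answer and the fix described here concrete, the following Python block is an added illustration, not Jervis's own code (which is Groovy) and not its actual parameters: it derives a key the deterministic way (salt = sha256Sum(passphrase).toLowerCase()) and shows that repeated derivations collide, then derives it the fixed way with a fresh random salt stored as a prefix of the blob so the key can be re-derived on decryption. The iteration count, salt length and blob layout are assumptions made for the example.

```python
import hashlib
import os
from typing import Callable, Optional, Tuple

# Constructed parameters for illustration; they are not Jervis's actual settings.
ITERATIONS = 100_000
KEY_LEN = 32    # 256-bit key, sized for AES-256
SALT_LEN = 16   # 128-bit random salt


def derive_key_deterministic(passphrase: str) -> bytes:
    """Weak pattern described for Jervis < 2.2: salt = sha256Sum(passphrase).toLowerCase().

    The salt is a pure function of the passphrase, so every call with the same
    passphrase produces the same PBKDF2 output. A key computed once for a
    candidate passphrase is valid for every blob made with it, which is the
    pre-computation weakness behind CWE-326.
    """
    pw = passphrase.encode("utf-8")
    salt = hashlib.sha256(pw).hexdigest().lower().encode("ascii")
    return hashlib.pbkdf2_hmac("sha256", pw, salt, ITERATIONS, KEY_LEN)


def derive_key_random(passphrase: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Hardened pattern from 2.2: a fresh random salt for each encryption.

    Returns (salt, key). Pass the stored salt back in to re-derive on decrypt.
    """
    if salt is None:
        salt = os.urandom(SALT_LEN)
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, ITERATIONS, KEY_LEN)
    return salt, key


def pack_with_salt(salt: bytes, ciphertext: bytes) -> bytes:
    """Store the salt alongside the ciphertext (here as a fixed-length prefix).

    The salt is not secret; it only has to be unique per encryption.
    """
    if len(salt) != SALT_LEN:
        raise ValueError("unexpected salt length")
    return salt + ciphertext


def rederive_from_blob(passphrase: str, blob: bytes) -> Tuple[bytes, bytes]:
    """Split the stored salt off the blob and recover the same key plus the ciphertext."""
    if len(blob) < SALT_LEN:
        raise ValueError("blob too short to contain a salt")
    salt, ciphertext = blob[:SALT_LEN], blob[SALT_LEN:]
    _, key = derive_key_random(passphrase, salt)
    return key, ciphertext


def keys_repeat(derive: Callable[[str], bytes], passphrase: str, rounds: int = 3) -> bool:
    """True when repeated derivations for one passphrase yield one identical key."""
    keys = {derive(passphrase) for _ in range(rounds)}
    return len(keys) == 1


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed passphrase
    print("deterministic salt reuses key:", keys_repeat(derive_key_deterministic, pw))
    print("random salt reuses key:       ", keys_repeat(lambda p: derive_key_random(p)[1], pw))
    salt, key = derive_key_random(pw)
    blob = pack_with_salt(salt, b"<opaque ciphertext>")  # ciphertext stands in for AES-GCM output
    key2, _ = rederive_from_blob(pw, blob)
    print("key re-derived from stored salt matches:", key == key2)
```

The ciphertext in the demo is an opaque placeholder: the point is the key derivation layer, where the only change between the two patterns is where the salt comes from and that the random one must travel with the data.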