Source: libjwt3 Version: 3.3.2-1 Severity: grave Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for libjwt3. CVE-2026-44699[0]: | LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt | accepts an RSA JWK that does not contain an alg parameter as the | verification key for an HS256/HS384/HS512 token. In the OpenSSL | backend, this causes HMAC verification to run with a zero-length | key, so an attacker can forge a valid JWT without knowing any secret | or RSA private key. This is an algorithm-confusion authentication | bypass. It affects applications that load RSA keys from JWKS where | alg is omitted, which is valid JWK syntax and common in real | deployments, and then choose the verification algorithm from the JWT | header, for example in a kid lookup callback. This vulnerability is | fixed in 3.3.3. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-44699 https://www.cve.org/CVERecord?id=CVE-2026-44699 [1] https://github.com/benmcollins/libjwt/security/advisories/GHSA-q843-6q5f-w55g [2] https://github.com/benmcollins/libjwt/commit/49c730a4036c5ae67a4a97e4e55101e445fda694 Regards, Salvatore
