Vulnerability Information
Vulnerability Title
jsonwebtoken has Type Confusion that leads to potential authorization bypass
Vulnerability Description
jsonwebtoken is a JWT library written in Rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically in its claim validation logic. When a standard claim (such as nbf or exp) is provided with an incorrect JSON type (for example, a String instead of a Number), the library's internal parsing mechanism marks the claim as "FailedToParse". Crucially, the validation logic treats this "FailedToParse" state identically to "NotPresent". This means that if a check is enabled (for example, validate_nbf = true) but the claim is not explicitly listed in required_spec_claims, the library skips the validation check entirely for the malformed claim, treating it as if it were absent. This allows attackers to bypass critical time-based security restrictions (such as "Not Before" checks) and achieve potential authentication and authorization bypasses. This issue has been patched in version 10.3.0.
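The following Rust program is an added illustration of the defect class described above; it is not code from the jsonwebtoken crate and does not reproduce its internals. It models claim lookup as a three-state result (NotPresent, FailedToParse, Value) and runs the same enabled checks twice: once with the pre-10.3.0 behaviour, where FailedToParse is handled like NotPresent, and once with the fixed behaviour, where a wrongly typed claim is rejected. The type and field names (Json, Claim, Rejection, Validation, strict_types) and the sample payload are assumptions constructed for this example; only validate_nbf and required_spec_claims echo settings named in the advisory.

```rust
use std::collections::{HashMap, HashSet};

// Constructed model of a decoded JWT payload value: only the two shapes the
// advisory contrasts (a number, or a string where a number was expected).
#[derive(Clone, Debug)]
pub enum Json {
    Num(u64),
    Str(String),
}

// Three-state lookup result for a numeric claim (hypothetical names, not the crate's types).
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Claim {
    NotPresent,
    FailedToParse,
    Value(u64),
}

#[derive(Debug, PartialEq)]
pub enum Rejection {
    MissingRequiredClaim(&'static str),
    InvalidClaimType(&'static str),
    Expired,
    ImmatureSignature,
}

// Settings modelled on the ones the advisory names; the field set is an assumption.
pub struct Validation {
    pub validate_exp: bool,
    pub validate_nbf: bool,
    pub required_spec_claims: HashSet<&'static str>,
}

pub fn numeric_claim(claims: &HashMap<&'static str, Json>, name: &str) -> Claim {
    match claims.get(name) {
        None => Claim::NotPresent,
        Some(Json::Num(n)) => Claim::Value(*n),
        Some(Json::Str(_)) => Claim::FailedToParse, // wrong JSON type for a NumericDate
    }
}

// strict_types == false models the pre-10.3.0 logic described in the advisory
// (FailedToParse handled exactly like NotPresent); strict_types == true models
// the fix, where a wrongly typed claim is an error regardless of required_spec_claims.
pub fn validate(
    claims: &HashMap<&'static str, Json>,
    v: &Validation,
    now: u64,
    strict_types: bool,
) -> Result<(), Rejection> {
    let checks: [(&'static str, bool); 2] = [("exp", v.validate_exp), ("nbf", v.validate_nbf)];
    for (name, enabled) in checks {
        if !enabled {
            continue;
        }
        let required = v.required_spec_claims.contains(name);
        match numeric_claim(claims, name) {
            Claim::Value(t) => {
                if name == "exp" && t <= now {
                    return Err(Rejection::Expired);
                }
                if name == "nbf" && t > now {
                    return Err(Rejection::ImmatureSignature);
                }
            }
            Claim::FailedToParse if strict_types => return Err(Rejection::InvalidClaimType(name)),
            Claim::FailedToParse | Claim::NotPresent => {
                if required {
                    return Err(Rejection::MissingRequiredClaim(name));
                }
                // Vulnerable path: the enabled check is silently skipped.
            }
        }
    }
    Ok(())
}

// Constructed sample payload: exp well-formed and in the future, nbf supplied
// as a string even though its value lies in the future.
pub fn sample_claims() -> HashMap<&'static str, Json> {
    let mut c = HashMap::new();
    c.insert("sub", Json::Str("alice".to_string()));
    c.insert("exp", Json::Num(2_000_000_000));
    c.insert("nbf", Json::Str("1900000000".to_string()));
    c
}

pub fn default_validation() -> Validation {
    Validation {
        validate_exp: true,
        validate_nbf: true,
        required_spec_claims: HashSet::from(["exp"]),
    }
}

fn main() {
    let claims = sample_claims();
    let now = 1_800_000_000;
    let lenient = default_validation();
    println!("pre-fix, nbf not required: {:?}", validate(&claims, &lenient, now, false));
    println!("fixed:                     {:?}", validate(&claims, &lenient, now, true));
    let mut strict = default_validation();
    strict.required_spec_claims.insert("nbf");
    println!("pre-fix, nbf required:     {:?}", validate(&claims, &strict, now, false));
}
```

The third call shows the mitigation available before upgrading: listing the claim in required_spec_claims turns the silently skipped check into a MissingRequiredClaim rejection, whereas the upgrade to 10.3.0 rejects the wrongly typed claim even when it is not required.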
CVSS Information
N/A
Vulnerability Type
Access of Resource Using Incompatible Type (Type Confusion)
Vulnerability Title
jsonwebtoken security vulnerability
Vulnerability Description
jsonwebtoken is an open-source JSON Web Token implementation from Auth0. Versions of jsonwebtoken prior to 10.3.0 contain a security vulnerability caused by type confusion in the claim validation logic, which may allow time-based security restrictions to be bypassed.
CVSS Information
N/A
Vulnerability Type
N/A