Vulnerabilities > CVE-2021-46743 - Type Confusion vulnerability in Google Firebase PHP-Jwt

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

google

CWE-843

NVD

Published: 2022-03-29

Updated: 2022-04-08

Summary

In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way to use the PHP-JWT library unsafely, but might not be considered a vulnerability in the library itself.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Firebase PHP JWT - Google Firebase PHP JWT 0.0.0 Google Firebase PHP JWT 1.0.0 Google Firebase PHP JWT 2.0.0 Google Firebase PHP JWT 2.1.0 Google Firebase PHP JWT 2.2.0 Google Firebase PHP JWT 3.0.0 Google Firebase PHP JWT 4.0.0 Google Firebase PHP JWT 5.0.0 Google Firebase PHP JWT 5.1.0 Google Firebase PHP JWT 5.2.0 Google Firebase PHP JWT 5.2.1 Google Firebase PHP JWT 5.3.0 Google Firebase PHP JWT 5.4.0 Google Firebase PHP JWT 5.5.0 Google Firebase PHP JWT 5.5.1	16

Common Weakness Enumeration (CWE)

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

References

https://github.com/firebase/php-jwt/issues/351