USN-8065-1: Authlib vulnerabilities

USN-8065-1: Authlib vulnerabilities

https://ubuntu.com/security/notices/rss.xml / Thu, 02/26/2026 - 17:04
Millie Solem discovered that Authlib did not properly restrict algorithm selection during JWT verification, allowing HMAC verification with asymmetric public keys when no algorithm was specified. A remote attacker could possibly use this issue to bypass signature verification and forge tokens, resulting in authentication bypass or privilege escalation. (CVE-2024-37568) Muhammad Noman Ilyas discovered that Authlib did not properly enforce critical header parameter handling during JSON Web Signature verification, leading to unknown critical parameters being incorrectly accepted. A remote attacker could possibly use this issue to bypass security policies in mixed deployments, resulting in authentication bypass, replay attacks, or privilege escalation. (CVE-2025-59420) Muhammad Noman Ilyas discovered that Authlib did not properly limit the size of JSON Web Signature or JSON Web Token header and signature segments. A remote attacker could possibly use this issue to cause excessive memory or processor consumption, leading to a denial of service. (CVE-2025-61920) Muhammad Noman Ilyas discovered that Authlib performed unbounded decompression when processing certain compressed encrypted tokens. A remote attacker could possibly use this issue to send a specially crafted token that can be expanded to a large size during decompression, causing a denial of service. (CVE-2025-62706) It was discovered that Authlib did not properly bind cached state information to the initiating user session during OAuth authentication flows. A remote attacker could possibly use this issue to perform cross- site request forgery attacks, resulting in unauthorized actions or authentication bypass. This issue only affected Ubuntu 24.04 LTS. (CVE-2025-68158)

About

Kenya Education Network CERT(KENET-CERT) is a Cybersecurity Emergency Response Team and Co-ordination Center operated by the National Research and Education Network of Kenya. KENET-CERT coordination center promotes awareness on cybersecurity incidences as well as coordinates and assists member institutions in responding effectively to cyber security threats and incidences. KENET-CERT works closely with Kenya's National CIRT coordination center (CIRT/CC) as a sector CIRT for the academic institutions. KENET promotes use of ICT in Teaching, Learning and Research in Higher Education Institutions in Kenya. KENET aims to interconnect all the Universities, Tertiary and Research Institutions in Kenya by setting up a cost effective and sustainable private network with high speed access to the global Internet. KENET also facilitates electronic communication among students and faculties in member institutions, share learning and teaching resources by collaboration in Research and Development of Educational content.