CVE-2022-31053 (GCVE-0-2022-31053)
Vulnerability from cvelistv5 – Published: 2022-06-13 19:35 – Updated: 2025-04-22 17:54
VLAI?
Summary
Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Γ-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.
Severity ?
9.8 (Critical)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| biscuit-auth | biscuit |
Affected:
biscuit-auth >= 1.0.0, < 2.0.0
Affected: biscuit-haskell = 0.1.1.0 Affected: com.clever-cloud.biscuit-java < 2.0.0 Affected: github.com/biscuit-auth/biscuit-go < 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2020/1484"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31053",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:37:20.536342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:54:16.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "biscuit",
"vendor": "biscuit-auth",
"versions": [
{
"status": "affected",
"version": "biscuit-auth \u003e= 1.0.0, \u003c 2.0.0"
},
{
"status": "affected",
"version": "biscuit-haskell = 0.1.1.0"
},
{
"status": "affected",
"version": "com.clever-cloud.biscuit-java \u003c 2.0.0"
},
{
"status": "affected",
"version": "github.com/biscuit-auth/biscuit-go \u003c 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T19:35:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2020/1484"
}
],
"source": {
"advisory": "GHSA-75rw-34q6-72cr",
"discovery": "UNKNOWN"
},
"title": "Signature forgery in Biscuit",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31053",
"STATE": "PUBLIC",
"TITLE": "Signature forgery in Biscuit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "biscuit",
"version": {
"version_data": [
{
"version_value": "biscuit-auth \u003e= 1.0.0, \u003c 2.0.0"
},
{
"version_value": "biscuit-haskell = 0.1.1.0"
},
{
"version_value": "com.clever-cloud.biscuit-java \u003c 2.0.0"
},
{
"version_value": "github.com/biscuit-auth/biscuit-go \u003c 2.0"
}
]
}
}
]
},
"vendor_name": "biscuit-auth"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr",
"refsource": "CONFIRM",
"url": "https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr"
},
{
"name": "https://eprint.iacr.org/2020/1484",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2020/1484"
}
]
},
"source": {
"advisory": "GHSA-75rw-34q6-72cr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31053",
"datePublished": "2022-06-13T19:35:10.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-22T17:54:16.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:biscuitsec:biscuit-auth:*:*:*:*:*:rust:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndIncluding\": \"1.1.0\", \"matchCriteriaId\": \"0E563805-9EDE-4DF0-82CB-869AD67AC574\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:biscuitsec:biscuit-go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.0\", \"matchCriteriaId\": \"3D442EFC-06BF-429F-848C-7BF4B7438BEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:biscuitsec:biscuit-haskell:0.1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E24AA7F-9A5F-4032-BE61-BD0B4AB77465\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clever-cloud:biscuit-java:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.0\", \"matchCriteriaId\": \"020BC888-E2CE-4B88-A043-F7EE3DC54A62\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \\u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.\"}, {\"lang\": \"es\", \"value\": \"Biscuit es un token de autenticaci\\u00f3n y autorizaci\\u00f3n para arquitecturas de microservicios. La versi\\u00f3n 1 de la especificaci\\u00f3n de Biscuit contiene un algoritmo vulnerable que permite a actores maliciosos falsificar firmas v\\u00e1lidas. Un ataque de este tipo permitir\\u00eda a un atacante crear un token con cualquier nivel de acceso. La versi\\u00f3n 2 de la especificaci\\u00f3n impone un algoritmo diferente a las firmas gamma y, como tal, no est\\u00e1 afectada por esta vulnerabilidad. Las implementaciones de Biscuit en Rust, Haskell, Go, Java y Javascript han publicado versiones que siguen la especificaci\\u00f3n v2. No se presentan mitigaciones conocidas para este problema\"}]",
"id": "CVE-2022-31053",
"lastModified": "2024-11-21T07:03:47.747",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-06-13T20:15:07.820",
"references": "[{\"url\": \"https://eprint.iacr.org/2020/1484\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://eprint.iacr.org/2020/1484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-31053\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-06-13T20:15:07.820\",\"lastModified\":\"2024-11-21T07:03:47.747\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Biscuit es un token de autenticaci\u00f3n y autorizaci\u00f3n para arquitecturas de microservicios. La versi\u00f3n 1 de la especificaci\u00f3n de Biscuit contiene un algoritmo vulnerable que permite a actores maliciosos falsificar firmas v\u00e1lidas. Un ataque de este tipo permitir\u00eda a un atacante crear un token con cualquier nivel de acceso. La versi\u00f3n 2 de la especificaci\u00f3n impone un algoritmo diferente a las firmas gamma y, como tal, no est\u00e1 afectada por esta vulnerabilidad. Las implementaciones de Biscuit en Rust, Haskell, Go, Java y Javascript han publicado versiones que siguen la especificaci\u00f3n v2. No se presentan mitigaciones conocidas para este problema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:biscuitsec:biscuit-auth:*:*:*:*:*:rust:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndIncluding\":\"1.1.0\",\"matchCriteriaId\":\"0E563805-9EDE-4DF0-82CB-869AD67AC574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:biscuitsec:biscuit-go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.0\",\"matchCriteriaId\":\"3D442EFC-06BF-429F-848C-7BF4B7438BEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:biscuitsec:biscuit-haskell:0.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E24AA7F-9A5F-4032-BE61-BD0B4AB77465\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clever-cloud:biscuit-java:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.0\",\"matchCriteriaId\":\"020BC888-E2CE-4B88-A043-F7EE3DC54A62\"}]}]}],\"references\":[{\"url\":\"https://eprint.iacr.org/2020/1484\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://eprint.iacr.org/2020/1484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"product\": \"biscuit\", \"vendor\": \"biscuit-auth\", \"versions\": [{\"status\": \"affected\", \"version\": \"biscuit-auth \u003e= 1.0.0, \u003c 2.0.0\"}, {\"status\": \"affected\", \"version\": \"biscuit-haskell = 0.1.1.0\"}, {\"status\": \"affected\", \"version\": \"com.clever-cloud.biscuit-java \u003c 2.0.0\"}, {\"status\": \"affected\", \"version\": \"github.com/biscuit-auth/biscuit-go \u003c 2.0\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \\u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-347\", \"description\": \"CWE-347: Improper Verification of Cryptographic Signature\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-06-13T19:35:10.000Z\", \"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\"}, \"references\": [{\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://eprint.iacr.org/2020/1484\"}], \"source\": {\"advisory\": \"GHSA-75rw-34q6-72cr\", \"discovery\": \"UNKNOWN\"}, \"title\": \"Signature forgery in Biscuit\", \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"security-advisories@github.com\", \"ID\": \"CVE-2022-31053\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Signature forgery in Biscuit\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"biscuit\", \"version\": {\"version_data\": [{\"version_value\": \"biscuit-auth \u003e= 1.0.0, \u003c 2.0.0\"}, {\"version_value\": \"biscuit-haskell = 0.1.1.0\"}, {\"version_value\": \"com.clever-cloud.biscuit-java \u003c 2.0.0\"}, {\"version_value\": \"github.com/biscuit-auth/biscuit-go \u003c 2.0\"}]}}]}, \"vendor_name\": \"biscuit-auth\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid \\u0393-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.\"}]}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-347: Improper Verification of Cryptographic Signature\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\", \"refsource\": \"CONFIRM\", \"url\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\"}, {\"name\": \"https://eprint.iacr.org/2020/1484\", \"refsource\": \"MISC\", \"url\": \"https://eprint.iacr.org/2020/1484\"}]}, \"source\": {\"advisory\": \"GHSA-75rw-34q6-72cr\", \"discovery\": \"UNKNOWN\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:03:40.292Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://eprint.iacr.org/2020/1484\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31053\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T15:37:20.536342Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T15:37:22.257Z\"}}]}",
"cveMetadata": "{\"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"assignerShortName\": \"GitHub_M\", \"cveId\": \"CVE-2022-31053\", \"datePublished\": \"2022-06-13T19:35:10.000Z\", \"dateReserved\": \"2022-05-18T00:00:00.000Z\", \"dateUpdated\": \"2025-04-22T17:54:16.990Z\", \"state\": \"PUBLISHED\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…