
Python : JWT: None Algorithm

Overview

A JWT token is a string consisting of three parts, each encoded using base64url: header, payload and signature. The base64 encoding does not encrypt or protect the data; it only represents it as an ASCII character sequence. The first part, the token header, specifies the signature algorithm, and this algorithm may be set to none. Accepting the none algorithm can lead to compromise of the application.

The none algorithm is intended for cases where the integrity of the token has already been verified by other means. Some libraries treat tokens carrying the none algorithm as already validated. An attacker can then create "signed" tokens with an arbitrary payload. This allows access to any account in the system and, as a result, compromise of the application.
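The following example, added here and not part of the DerScanner entry, shows a minimal hand-rolled JWT verifier in two forms: one that trusts the `alg` field from the token header (and so accepts an unsigned none token), and a hardened one that only accepts an algorithm from a verifier-side allowlist. The secret key and the tokens are constructed sample values.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

SECRET = b"constructed-demo-secret"  # constructed sample key, not from any real system


def b64url_decode(part: str) -> bytes:
    # JWT parts omit base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def sign_hs256(header: dict, payload: dict, key: bytes) -> str:
    # Build a properly signed HS256 token for the legitimate case.
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return f"{h}.{p}.{b64url_encode(sig)}"


def decode_vulnerable(token: str, key: bytes) -> Optional[dict]:
    # Defect: the algorithm is taken from the untrusted header, so
    # "alg": "none" bypasses signature verification entirely.
    h, p, s = token.split(".")
    header = json.loads(b64url_decode(h))
    if header.get("alg") == "none":
        return json.loads(b64url_decode(p))
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return json.loads(b64url_decode(p)) if hmac.compare_digest(expected, b64url_decode(s)) else None


def decode_hardened(token: str, key: bytes, allowed=("HS256",)) -> Optional[dict]:
    # Fix: the verifier pins the allowed algorithms; the token cannot choose.
    h, p, s = token.split(".")
    header = json.loads(b64url_decode(h))
    if header.get("alg") not in allowed:
        return None
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return json.loads(b64url_decode(p)) if hmac.compare_digest(expected, b64url_decode(s)) else None


# Constructed unsigned token (alg none, empty signature) used as a test input.
UNSIGNED = (b64url_encode(b'{"alg":"none","typ":"JWT"}') + "."
            + b64url_encode(b'{"sub":"admin"}') + ".")
```

The same allowlist principle applies when using a library: pass an explicit, fixed list of accepted algorithms to the decode call rather than letting the token header decide.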

DerScanner Severity Score: CRITICAL
