lestrrat-go · lestrrat · Dec 3, 2023 · Dec 3, 2023 · Dec 3, 2023
diff --git a/Changes b/Changes
@@ -2,7 +2,13 @@ Changes
 =======
 
 v1.2.27 - UNRELEASED
-[Buf xies]
+[Security]
+  * [jwe] A large number in p2c parameter for PBKDF2 based encryptions could cause a DoS attack,
+    similar to https://nvd.nist.gov/vuln/detail/CVE-2022-36083.  All users should upgrade, as
+    unlike v2, v1 attempts to decrypt JWEs on JWTs by default.
+    [GHSA-7f9x-gw85-8grf]
+
+[Bug xies]
   * [jwk] jwk.Set(jwk.KeyOpsKey, <jwk.KeyOperation>) now works (previously, either
      Set(.., <string>) or Set(..., []jwk.KeyOperation{...}) worked, but not a single
      jwk.KeyOperation

diff --git a/jwe/message.go b/jwe/message.go
@@ -612,6 +612,11 @@ func doDecryptCtx(dctx *decryptCtx) ([]byte, error) {
 			if !ok {
 				return nil, errors.Errorf("unexpected type for 'p2c': %T", count)
 			}
+			// in v1, this number is hardcoded to 10000. Use v2 if you need to
+			// finetune this value
+			if countFlt > 10000 {
+				return nil, errors.Errorf("invalid value for 'p2c'")
+			}
 			salt, err := base64.DecodeString(saltB64Str)
 			if err != nil {
 				return nil, errors.Wrap(err, "failed to b64-decode 'salt'")