
chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13)#315

Closed
phisco-renovate[bot] wants to merge 1 commit into release-1.13 from renovate/release-1.13-go-github.com-go-jose-go-jose-v3-vulnerability

Conversation


@phisco-renovate phisco-renovate Bot commented Jul 26, 2024

This PR contains the following updates:

Package: github.com/go-jose/go-jose/v3
Change: v3.0.0 -> v3.0.5

Decryption of malicious PBES2 JWE objects can consume unbounded system resources

GHSA-2c7c-3mj9-8fqh / GO-2023-2334


Details

The go-jose package is subject to a "billion hashes attack" causing denial-of-service when decrypting JWE inputs. This occurs when an attacker can provide a PBES2 encrypted JWE blob with a very large p2c value that, when decrypted, produces a denial-of-service.

Severity

Moderate

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


Denial of service via decryption of malicious PBES2 JWE objects in github.com/go-jose/go-jose/v3

GHSA-2c7c-3mj9-8fqh / GO-2023-2334


Details

The go-jose package is subject to a "billion hashes attack" causing denial-of-service when decrypting JWE inputs. This occurs when an attacker can provide a PBES2 encrypted JWE blob with a very large p2c value that, when decrypted, produces a denial-of-service.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Go JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification)

CVE-2024-28180 / GHSA-c5q2-7r4c-mv6g / GO-2024-2631


Details

Impact

An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). Thanks to Enze Wang@Alioth and Jianjun Chen@Zhongguancun Lab (@zer0yu and @chenjj) for reporting.

Patches

The problem is fixed in the following packages and versions:

  • github.com/go-jose/go-jose/v4 version 4.0.1
  • github.com/go-jose/go-jose/v3 version 3.0.3
  • gopkg.in/go-jose/go-jose.v2 version 2.6.3

The problem will not be fixed in the following package because the package is archived:

  • gopkg.in/square/go-jose.v2

Severity

  • CVSS Score: 4.3 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


Decompression bomb vulnerability in github.com/go-jose/go-jose

CVE-2024-28180 / GHSA-c5q2-7r4c-mv6g / GO-2024-2631


Details

An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


DoS in go-jose Parsing

CVE-2025-27144 / GHSA-c6gw-w398-hv78 / GO-2025-3485


Details

Impact

When parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of '.' characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.

Patches

Version 4.0.5 fixes this issue

Workarounds

Applications could pre-validate that payloads passed to go-jose do not contain an excessive number of '.' characters.

References

This is the same sort of issue as in the golang.org/x/oauth2/jws package as CVE-2025-22868 and Go issue https://go.dev/issue/71490.

Severity

  • CVSS Score: 6.9 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


DoS in go-jose Parsing in github.com/go-jose/go-jose

CVE-2025-27144 / GHSA-c6gw-w398-hv78 / GO-2025-3485


Details

DoS in go-jose Parsing in github.com/go-jose/go-jose

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Go JOSE Panics in JWE decryption

CVE-2026-34986 / GHSA-78h2-9frx-2jm8


Details

Impact

Decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key.

This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected.

This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common.

Panics can lead to denial of service.

Fixed In

4.1.4 and v3.0.5

Workarounds

If the list of keyAlgorithms passed to ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() does not include key wrapping algorithms (those ending in KW), your application is unaffected.

If your application uses key wrapping, you can prevalidate the JWE objects to ensure the encrypted_key field is nonempty. If your application accepts JWE Compact Serialization, apply that validation to the corresponding field of that serialization (the data between the first and second '.').

Thanks

Thanks to Datadog's Security team for finding this issue.

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


Release Notes

go-jose/go-jose (github.com/go-jose/go-jose/v3)

v3.0.5

Compare Source

What's Changed

Fixes GHSA-78h2-9frx-2jm8

We recommend migrating from v3 to v4, and we will stop supporting v3 in the near future.

Full Changelog: go-jose/go-jose@v3.0.4...v3.0.5

v3.0.4

Compare Source

What's Changed

Backport fix for GHSA-c6gw-w398-hv78 CVE-2025-27144 #174

Full Changelog: go-jose/go-jose@v3.0.3...v3.0.4

v3.0.3: Version 3.0.3

Compare Source

Fixed

  • Limit decompression output size to prevent a DoS. Backport from v4.0.1.

v3.0.2: Version 3.0.2

Compare Source

Fixed

  • DecryptMulti: handle decompression error (#19)

Changed

  • jwe/CompactSerialize: improve performance (#67)
  • Increase the default number of PBKDF2 iterations to 600k (#48)
  • Return the proper algorithm for ECDSA keys (#45)
  • Update golang.org/x/crypto to v0.19 (#94)

Added

  • Add Thumbprint support for opaque signers (#38)

v3.0.1: Version 3.0.1

Compare Source

Fixed

Security issue: an attacker specifying a large "p2c" value can cause JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the disclosure and to Tom Tervoort for originally publishing the category of attack. https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf

The release is tagged off the release-v3.0.1 branch to avoid mixing in some as-yet unreleased changes on the v3 branch.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • ""
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.
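The two workarounds quoted in the advisories above (pre-validating that a token does not carry an excessive number of '.' characters, and rejecting an empty encrypted_key segment when the alg is a key-wrapping algorithm) combined into one pre-validation step for compact JWE input. This is an added example, not go-jose code and not part of this PR; the function and error names are assumed, and the sample tokens are constructed.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

var (
	errTooManyDots       = errors.New("jwe: too many '.' separators")
	errBadSegmentCount   = errors.New("jwe: compact serialization needs 5 segments")
	errEmptyEncryptedKey = errors.New("jwe: empty encrypted_key with key-wrapping alg")
)

// needsEncryptedKey: key-wrapping algs (name ends in "KW") minus the AES-GCM
// key wrap variants that GHSA-78h2-9frx-2jm8 excludes.
func needsEncryptedKey(alg string) bool {
	switch alg {
	case "A128GCMKW", "A192GCMKW", "A256GCMKW":
		return false
	}
	return strings.HasSuffix(alg, "KW")
}

// PrevalidateCompactJWE rejects malformed compact JWE input before go-jose sees
// it: exactly four '.' (header.encrypted_key.iv.ciphertext.tag), counted before
// any split, and a non-empty encrypted_key segment for *KW algorithms.
func PrevalidateCompactJWE(token string) error {
	if n := strings.Count(token, "."); n > 4 {
		return errTooManyDots
	} else if n != 4 {
		return errBadSegmentCount
	}
	parts := strings.SplitN(token, ".", 5)
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return err // protected header is not base64url
	}
	var hdr struct{ Alg string `json:"alg"` }
	if err := json.Unmarshal(raw, &hdr); err != nil {
		return err // protected header is not a JSON object
	}
	if needsEncryptedKey(hdr.Alg) && parts[1] == "" {
		return errEmptyEncryptedKey
	}
	return nil
}
```

Run this on the raw token string before handing it to ParseEncryptedCompact(); the dot count check is the only part that must run before any splitting.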


phisco-renovate Bot commented Jul 26, 2024

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.mod
Command failed: install-tool golang $(grep -oP ^toolchain go\K.+ go.mod)

File name: go.mod
Command failed: make generate
# golang.org/x/tools/internal/tokeninternal
/home/ubuntu/go/pkg/mod/golang.org/x/tools@v0.11.0/internal/tokeninternal/tokeninternal.go:78:9: invalid array length -delta * delta (constant -256 of type int64)
apis/generate.go:45: running "go": exit status 1
make[1]: *** [build/makelib/golang.mk:240: go.generate] Error 1
make: *** [build/makelib/common.mk:434: generate] Error 2

@phisco-renovate phisco-renovate Bot force-pushed the renovate/release-1.13-go-github.com-go-jose-go-jose-v3-vulnerability branch from e078ffc to 26b1022 Compare March 5, 2025 08:29
@phisco-renovate phisco-renovate Bot changed the title chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.3 [security] (release-1.13) chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.4 [security] (release-1.13) Mar 5, 2025
@phisco-renovate phisco-renovate Bot force-pushed the renovate/release-1.13-go-github.com-go-jose-go-jose-v3-vulnerability branch from 26b1022 to 805032e Compare April 3, 2026 09:06
@phisco-renovate phisco-renovate Bot changed the title chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.4 [security] (release-1.13) chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13) Apr 3, 2026
@phisco-renovate phisco-renovate Bot changed the title chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13) chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13) - autoclosed Apr 14, 2026
@phisco-renovate phisco-renovate Bot closed this Apr 14, 2026
@phisco-renovate phisco-renovate Bot deleted the renovate/release-1.13-go-github.com-go-jose-go-jose-v3-vulnerability branch April 14, 2026 09:29
@phisco-renovate phisco-renovate Bot changed the title chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13) - autoclosed chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.5 [security] (release-1.13) Apr 17, 2026
@phisco-renovate phisco-renovate Bot reopened this Apr 17, 2026
@phisco-renovate phisco-renovate Bot force-pushed the renovate/release-1.13-go-github.com-go-jose-go-jose-v3-vulnerability branch 2 times, most recently from 805032e to b34ae9c Compare April 17, 2026 09:31
@phisco phisco closed this May 6, 2026