CVE-2024-37568
📋 TL;DR
This vulnerability allows attackers to forge JWT tokens by exploiting algorithm confusion in lepture Authlib. When jwt.decode() is called without specifying an algorithm, the library incorrectly accepts HMAC verification with asymmetric public keys, enabling authentication bypass. This affects any application using vulnerable versions of lepture Authlib for JWT validation.
💻 Affected Systems
- lepture Authlib
📦 What is this software?
Authlib, a Python library for OAuth, OpenID Connect and JOSE (JWS, JWE, JWK, JWT), maintained by lepture
⚠️ Risk & Real-World Impact
Worst Case
Complete authentication bypass allowing attackers to impersonate any user, escalate privileges, and access sensitive data or administrative functions.
Likely Case
Authentication bypass enabling unauthorized access to user accounts and protected resources.
If Mitigated
Limited impact if proper algorithm validation is enforced or if tokens are validated with proper algorithm specification.
🎯 Exploit Status
Exploitation requires knowledge of the public key and the ability to craft JWT tokens. Similar to previously exploited vulnerabilities CVE-2022-29217 and CVE-2024-33663.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3.1
Vendor Advisory: https://github.com/lepture/authlib/issues/654
Restart Required: Yes
Instructions:
1. Update Authlib: pip install --upgrade authlib==1.3.1
2. Restart all affected Python applications
3. Verify all JWT validation calls explicitly specify algorithms
🔧 Temporary Workarounds
Explicit Algorithm Specification
Modify all jwt.decode() calls to explicitly specify the expected algorithm parameter.
Change jwt.decode(token, key) to jwt.decode(token, key, algorithms=['RS256']) or whichever algorithm the token issuer actually uses.
🧯 If You Can't Patch
- Implement application-level validation to reject tokens without proper algorithm headers
- Use Web Application Firewall (WAF) rules to detect and block JWT manipulation attempts
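The application-level pre-check described above, as an added example that is not Authlib's own code and not from this advisory: it inspects the JOSE header before the library is called and rejects the confusion case (an HMAC alg presented together with an asymmetric public key). The function names, the caller's allow-list, the key-classification rule and the placeholder PEM key are assumptions.

```python
import base64
import json

# Added example, not Authlib's code. The allow-list passed by the caller and the
# key-classification rule below are assumptions to align with your token issuer.
HMAC_ALGS = {"HS256", "HS384", "HS512"}
# Constructed placeholder key; only the PEM markers matter to this pre-check.
SAMPLE_RSA_PUBLIC_KEY_PEM = "-----BEGIN PUBLIC KEY-----\n<placeholder>\n-----END PUBLIC KEY-----\n"

def _b64url_decode(segment: str) -> bytes:
    # Restore the '=' padding that compact JWS serialisation strips.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def parse_jwt_header(token: str) -> dict:
    """Return the JOSE header of a compact JWS without verifying anything."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected 3 dot-separated segments)")
    header = json.loads(_b64url_decode(parts[0]))
    if not isinstance(header, dict):
        raise ValueError("JOSE header is not a JSON object")
    return header

def is_public_key_material(key) -> bool:
    """True for an asymmetric public key (PEM text or JWK dict), False for a shared secret."""
    if isinstance(key, dict):
        return key.get("kty") in {"RSA", "EC", "OKP"}
    text = key.decode() if isinstance(key, bytes) else str(key)
    return "-----BEGIN" in text and "PUBLIC KEY" in text

def jwt_header_verdict(token: str, key, allowed_algs) -> tuple:
    """Return (True, alg) or (False, reason) before the library ever sees the token.
    The HMAC-with-public-key branch is the confusion case: the public key would
    otherwise be used as the HMAC secret, which is exactly what the fix prevents."""
    try:
        alg = parse_jwt_header(token).get("alg")
    except (ValueError, UnicodeDecodeError) as exc:  # JSONDecodeError and binascii.Error are ValueErrors
        return False, f"unparseable header: {exc}"
    if alg not in allowed_algs:
        return False, f"alg {alg!r} not in allow-list"
    if alg in HMAC_ALGS and is_public_key_material(key):
        return False, "HMAC alg presented with an asymmetric public key"
    return True, alg

def make_sample_token(header: dict) -> str:
    """Constructed, unsigned sample token; it exercises the pre-check only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc(header)}.{enc({'sub': 'demo'})}.placeholder-signature"
```

Run jwt_header_verdict before the library call and hand the token to Authlib only when the verdict is (True, alg); the library's own signature check still runs afterwards.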
🔍 How to Verify
Check if Vulnerable:
Check whether the installed Authlib version is < 1.3.1 and whether any jwt.decode() calls lack an explicit algorithm parameter
Check Version:
python -c "import authlib; print(authlib.__version__)"
Verify Fix Applied:
Verify that the Authlib version is 1.3.1 or higher and that all jwt.decode() calls include an explicit algorithm parameter
📡 Detection & Monitoring
Log Indicators:
- Failed JWT validations with algorithm mismatch errors
- Unusual authentication patterns or successful logins with malformed tokens
Network Indicators:
- HTTP requests with manipulated JWT tokens in Authorization headers
- Unusual authentication attempts to JWT-protected endpoints
SIEM Query:
source="application_logs" AND ("jwt.decode" OR "JWT validation") AND ("algorithm" OR "signature") AND ("error" OR "failed")
🔗 References
- https://github.com/lepture/authlib/issues/654
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHJI32SN4FNAUVNALVGOKWHNSQ6XS3M5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZI7HYGN7VZAYFV6UV3SRLYF7QGERXIU/
- https://www.vicarius.io/vsociety/posts/algorithm-confusion-in-lepture-authlib-cve-2024-37568
- https://lists.debian.org/debian-lts-announce/2025/10/msg00032.html