GHSA-8H88-GXP3-J7PG

Vulnerability from github – Published: 2026-04-01 21:11 – Updated: 2026-04-01 21:11
Summary
openssl-encrypt's unverified key bundle from_dict() + to_identity() path allows encryption to attacker keys
Details

Summary

The PublicKeyBundle.from_dict() method in openssl_encrypt/modules/key_bundle.py at lines 329-361 creates bundles from untrusted data without verifying the bundle's self-signature. Its docstring warns callers to invoke verify_signature() after creation, but nothing enforces that: the to_identity() method (lines 363-391) converts an unverified bundle directly into an Identity object.

Affected Code

@classmethod
def from_dict(cls, data: Dict) -> "PublicKeyBundle":
    """
    SECURITY: Does NOT verify signature. Call verify_signature() after creation.
    """
    # Creates bundle without verification

Impact

If from_dict() followed by to_identity() is called without an intervening verify_signature() call, a tampered bundle (for example one whose encryption key was swapped for an attacker-controlled key) is accepted as-is, and anything encrypted to the resulting Identity is readable by the holder of that key. The library's own key_resolver.py (lines 146-147) does verify before use, so the shipped CLI path is guarded, but the public API path remains directly callable without that check.

Recommended Fix

  • Add a verified flag to PublicKeyBundle that must be set before to_identity() can be called
  • Or have to_identity() automatically call verify_signature() and raise on failure
  • Or make from_dict() require verification as part of construction

Fix

Fixed in commit f4a1ba6 on branch releases/1.4.x — from_dict() now verifies self_signature by default (verify=True parameter); raises ValueError on verification failure.
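The Impact, Recommended Fix and Fix passages above describe the API shape without showing it. The following is an added example, not code from openssl-encrypt or from the advisory: a minimal self-signed key bundle with the pre-fix path (from_dict() with no verification, key used straight away) beside the fixed path (from_dict() verifying by default and raising ValueError), plus the advisory's first suggested mitigation, a verified flag that to_identity() checks. The field names, the Identity type, make_bundle(), the recipient_key_*() helpers, the sample seeds and keys, and the Lamport one-time signature standing in for the real self-signature are all assumptions of this example, not openssl-encrypt's actual format or algorithm. It goes one step beyond the advisory by also showing the check a self-signature cannot provide: a bundle an attacker generated and self-signed from scratch verifies, so the resolver still has to compare the signing key's fingerprint against a value learned out of band.

```python
# Added example, not openssl-encrypt's own code. Field names, the Identity type and the
# Lamport one-time signature standing in for the real self-signature are assumptions.
import hashlib
import json
from collections import namedtuple
from dataclasses import dataclass
from typing import Dict, List

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(message: bytes) -> List[int]:
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: 256 secret pairs, the public key is their hashes. Keys are
# derived from a seed so the run is deterministic; real code would use os.urandom.
def lamport_keypair(seed: bytes):
    priv = [[_h(seed + bytes([i, b])) for b in (0, 1)] for i in range(256)]
    return [[_h(s).hex() for s in pair] for pair in priv], priv

def lamport_sign(priv, message: bytes) -> List[str]:
    return [priv[i][bit].hex() for i, bit in enumerate(_bits(message))]

def lamport_verify(pub, message: bytes, sig: List[str]) -> bool:
    try:
        return all(_h(bytes.fromhex(sig[i])).hex() == pub[i][bit] for i, bit in enumerate(_bits(message)))
    except (ValueError, IndexError):  # malformed hex or a short signature in untrusted input
        return False

Identity = namedtuple("Identity", ["name", "encryption_key", "fingerprint"])

@dataclass
class PublicKeyBundle:
    name: str
    signing_key: List[List[str]]
    encryption_key: str
    self_signature: List[str]
    verified: bool = False

    def _signed_payload(self) -> bytes:
        # Canonical encoding of every field the self-signature binds; the signature itself is excluded.
        fields = {"name": self.name, "signing_key": self.signing_key, "encryption_key": self.encryption_key}
        return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

    def fingerprint(self) -> str:
        return _h(json.dumps(self.signing_key, separators=(",", ":")).encode()).hex()

    def verify_signature(self) -> bool:
        self.verified = lamport_verify(self.signing_key, self._signed_payload(), self.self_signature)
        return self.verified

    @classmethod
    def from_dict(cls, data: Dict, verify: bool = True) -> "PublicKeyBundle":
        bundle = cls(data["name"], data["signing_key"], data["encryption_key"], data["self_signature"])
        if verify and not bundle.verify_signature():  # fixed behaviour: verify by default, fail closed
            raise ValueError("key bundle self-signature verification failed")
        return bundle

    def to_identity(self) -> Identity:
        # Second guard (the advisory's first suggested fix): an unverified bundle never becomes an Identity.
        if not self.verified:
            raise ValueError("to_identity() called on an unverified bundle")
        return Identity(self.name, self.encryption_key, self.fingerprint())

def make_bundle(name: str, seed: bytes, encryption_key: str) -> Dict:
    pub, priv = lamport_keypair(seed)
    payload = PublicKeyBundle(name, pub, encryption_key, [])._signed_payload()
    return {"name": name, "signing_key": pub, "encryption_key": encryption_key,
            "self_signature": lamport_sign(priv, payload)}

def recipient_key_unverified(data: Dict) -> str:
    """Pre-fix pattern: build from untrusted data and use the key without any check."""
    return PublicKeyBundle.from_dict(data, verify=False).encryption_key

def recipient_key_verified(data: Dict, pinned_fingerprint: str) -> str:
    """Fixed pattern plus the check a self-signature cannot provide: the signing key must match
    a fingerprint learned out of band, otherwise a freshly self-signed attacker bundle passes."""
    identity = PublicKeyBundle.from_dict(data).to_identity()
    if identity.fingerprint != pinned_fingerprint:
        raise ValueError("signing key fingerprint does not match the pinned value")
    return identity.encryption_key

# Constructed sample data: Alice's genuine bundle and two attacker manipulations of it.
ALICE_ENC_KEY = _h(b"alice encryption public key").hex()
ATTACKER_ENC_KEY = _h(b"attacker encryption public key").hex()
ALICE_BUNDLE = make_bundle("alice", b"alice signing seed", ALICE_ENC_KEY)
ALICE_FINGERPRINT = PublicKeyBundle.from_dict(ALICE_BUNDLE).fingerprint()
SWAPPED_BUNDLE = dict(ALICE_BUNDLE, encryption_key=ATTACKER_ENC_KEY)  # key replaced, signature kept
FORGED_BUNDLE = make_bundle("alice", b"attacker signing seed", ATTACKER_ENC_KEY)  # attacker self-signs

def demo() -> Dict[str, str]:
    results = {"unverified_swapped": recipient_key_unverified(SWAPPED_BUNDLE)}
    for label, data in (("verified_swapped", SWAPPED_BUNDLE), ("verified_forged", FORGED_BUNDLE),
                        ("verified_genuine", ALICE_BUNDLE)):
        try:
            results[label] = recipient_key_verified(data, ALICE_FINGERPRINT)
        except ValueError as exc:
            results[label] = "rejected: " + str(exc)
    try:
        PublicKeyBundle.from_dict(ALICE_BUNDLE, verify=False).to_identity()
        results["opt_out_then_to_identity"] = "allowed"
    except ValueError as exc:
        results["opt_out_then_to_identity"] = "rejected: " + str(exc)
    return results
```

demo() returns one entry per path: the unverified path hands back the attacker's encryption key from the swapped bundle, the fixed path rejects the swapped bundle at from_dict(), the opt-out path (verify=False) is stopped at to_identity() by the verified flag, and the genuine bundle resolves to Alice's key. The forged bundle is the caveat worth remembering when reading the advisory's fix: it carries a valid self-signature, because the attacker signed it with their own key, and is only caught by the fingerprint comparison. A self-signature proves the bundle is internally consistent and was produced by whoever holds that signing key; which signing key belongs to the intended recipient has to come from somewhere the attacker does not control.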


{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "openssl-encrypt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-01T21:11:14Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nThe `PublicKeyBundle.from_dict()` method in `openssl_encrypt/modules/key_bundle.py` at **lines 329-361** creates bundles from untrusted data without verifying the signature. The docstring warns to call `verify_signature()` after creation, but the `to_identity()` method (line 363-391) can convert an unverified bundle directly to an `Identity` object.\n\n### Affected Code\n\n```python\n@classmethod\ndef from_dict(cls, data: Dict) -\u003e \"PublicKeyBundle\":\n    \"\"\"\n    SECURITY: Does NOT verify signature. Call verify_signature() after creation.\n    \"\"\"\n    # Creates bundle without verification\n```\n\n### Impact\n\nIf `from_dict()` followed by `to_identity()` is called without an intervening `verify_signature()` call, encryption could be performed against an attacker\u0027s public key, leaking secrets. While `key_resolver.py` (lines 146-147) does verify before use, the unguarded API path remains directly callable.\n\n### Recommended Fix\n\n- Add a `verified` flag to `PublicKeyBundle` that must be set before `to_identity()` can be called\n- Or have `to_identity()` automatically call `verify_signature()` and raise on failure\n- Or make `from_dict()` require verification as part of construction\n\n### Fix\n\nFixed in commit `f4a1ba6` on branch `releases/1.4.x` \u2014 from_dict() now verifies self_signature by default (verify=True parameter); raises ValueError on verification failure.",
  "id": "GHSA-8h88-gxp3-j7pg",
  "modified": "2026-04-01T21:11:14Z",
  "published": "2026-04-01T21:11:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/jahlives/openssl_encrypt/security/advisories/GHSA-8h88-gxp3-j7pg"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jahlives/openssl_encrypt/commit/f4a1ba660063cd9e17883829e5272a248525a16b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jahlives/openssl_encrypt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "openssl-encrypt\u0027s unverified key bundle from_dict() + to_identity() path allows encryption to attacker keys"
}

