jsrsasign
11 known vulnerabilities · 3 critical · 2 high
jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputs
jsrsasign: Negative Exponent Handling Leads to Signature Verification Bypass
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign
RSA signature validation vulnerability on maleable encoded message in jsrsasign
ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding in jsrsasign
jsrsasign: DSA signatures or X.509 certificates can be forged via DSA domain-parameter validation in KJUR.crypto.DSA.setPublic
jsrsasign: Division by Zero Allows Invalid JWK Modulus to Cause Deterministic Zero Output in RSA Operations
jsrsasign: Missing cryptographic validation during DSA signing enables private key extraction
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation
JWS and JWT signature validation vulnerability with special characters