jsrsasign
11 known vulnerabilities · 3 critical · 2 high
RSA signature validation vulnerability on maleable encoded message in jsrsasign
jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputs
JWS and JWT signature validation vulnerability with special characters
jsrsasign: Negative Exponent Handling Leads to Signature Verification Bypass
jsrsasign: Division by Zero Allows Invalid JWK Modulus to Cause Deterministic Zero Output in RSA Operations
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign
ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding in jsrsasign
jsrsasign: Missing cryptographic validation during DSA signing enables private key extraction
jsrsasign: DSA signatures or X.509 certificates can be forged via DSA domain-parameter validation in KJUR.crypto.DSA.setPublic
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation