High severity vulnerability that affects openpgp

2019-08-23T21:42:18
ID GHSA-HFMF-Q43V-2FFJ
Type github
Reporter GitHub Advisory Database
Modified 2019-09-02T10:56:12

Description

Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed.