5 matches found
CVE-2020-14968
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...
Improper Verification of Cryptographic Signature
Overview Versions of jsrsasignprior to 8.0.17 fail to properly verify cryptographic signatures. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse th...
CVE-2020-14968
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...
CVE-2020-14968
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...
CVE-2020-14968
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...