Lucene search
K

4 matches found

OSV
OSV
added 2022/03/18 2:15 p.m.1 views

DEBIAN-CVE-2022-24773

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code does not properly check DigestInfo for a proper ASN.1 structure. This can lead to successful verification with signatures that...

5.3CVSS6.7AI score0.00875EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 2:15 p.m.3 views

DEBIAN-CVE-2022-24772

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed an...

7.5CVSS6.7AI score0.01015EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 2:15 p.m.1 views

UBUNTU-CVE-2022-24773

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code does not properly check DigestInfo for a proper ASN.1 structure. This can lead to successful verification with signatures that...

5.3CVSS6.8AI score0.00875EPSS
Exploits0References5
OSV
OSV
added 2022/03/18 2:15 p.m.3 views

UBUNTU-CVE-2022-24772

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed an...

7.5CVSS6.7AI score0.01015EPSS
Exploits0References5
Rows per page
Query Builder