2 matches found
Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent in DH check / generation with large Q parameter value. CVE-2023-5678 POLY1305 MAC implementation corrupts vector registers on PowerPC. CVE-2023-6129 Excessive time spent checking invalid RSA public keys. CVE-2023-6237 PKCS12...
jsrsasign package data forgery issue vulnerability
jsrsasign package is an open source encryption library from the Japanese personal developer Kenji Urashima . A security vulnerability exists in Node.js jsrsasign package prior to 10.1.13, which stems from some invalid RSA pkc. No details of the vulnerability are provided at this time...