Lucene search
K

23 matches found

OSV
OSV
added 2026/03/23 6:30 a.m.7 views

GHSA-5JX8-Q4CP-RHH6 jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.9AI score0.00476EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/23 6:30 a.m.11 views

EUVD-2026-14373

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.8AI score0.00476EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/23 6:30 a.m.7 views

jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.9AI score0.00476EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/03/23 5:0 a.m.32 views

CVE-2026-4599

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS0.00476EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/23 5:0 a.m.4 views

CVE-2026-4599

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.8AI score0.00476EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/23 5:0 a.m.4 views

CVE-2026-4599

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.8AI score0.00476EPSS
Exploits1References6
OSV
OSV
added 2026/03/23 5:0 a.m.4 views

CVE-2026-4599

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

9.3CVSS5.9AI score0.00476EPSS
Exploits1References17
CVE
CVE
added 2026/03/23 5:0 a.m.46 views

CVE-2026-4599

JSrsasign versions 7.0.0–11.0.x are vulnerable due to Incomplete Comparison with Missing Factors in src/crypto-1.1.js: getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax perform incorrect compareTo checks that accept out-of-range candidates, biasing DSA nonces and enabling private key r...

9.3CVSS5.8AI score0.00476EPSS
Exploits1References15Affected Software1
Snyk
Snyk
added 2026/02/17 9:2 a.m.6 views

Incomplete Comparison with Missing Factors

Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can...

9.3CVSS5.9AI score0.00476EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2024/12/07 12:0 a.m.4 views

CVE-2024-1544

...

4.9CVSS5.4AI score0.00349EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/08/27 7:15 p.m.5 views

CVE-2024-1544

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.9CVSS5.9AI score0.00349EPSS
Exploits0References3
OSV
OSV
added 2024/08/27 7:15 p.m.2 views

DEBIAN-CVE-2024-1544

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.9CVSS5.4AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/08/27 7:15 p.m.12 views

CVE-2024-1544

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.9CVSS0.00349EPSS
Exploits0References2
OSV
OSV
added 2024/08/27 7:15 p.m.3 views

UBUNTU-CVE-2024-1544

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.9CVSS5.8AI score0.00349EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/27 6:44 p.m.35 views

CVE-2024-1544 ECDSA nonce bias caused by truncation

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.1CVSS4.4AI score0.00349EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/27 6:44 p.m.21 views

CVE-2024-1544 ECDSA nonce bias caused by truncation

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.1CVSS0.00349EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/04/22 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2024-0140)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.05773EPSS
Exploits0References4
OSV
OSV
added 2024/04/20 6:11 p.m.12 views

MGASA-2024-0140 Updated putty & filezilla packages fix security vulnerability

The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. To be more precise, the first 9 bits of each ECDSA nonce are zero. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures c...

5.9CVSS5.7AI score0.05773EPSS
Exploits0References3
Mageia
Mageia
added 2024/04/20 6:11 p.m.56 views

Updated putty & filezilla packages fix security vulnerability

The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. To be more precise, the first 9 bits of each ECDSA nonce are zero. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures c...

5.9CVSS7.2AI score0.05773EPSS
Exploits0References2
NCSC
NCSC
added 2024/04/16 12:0 a.m.6 views

Vulnerability fixed in Putty

Putty has fixed a vulnerability in Putty Client. The vulnerability in Putty is in how the ECDSA nonce is created when using NIST P-521. This makes possible for a malicious person to guess the nonce and use using the signed text to retrieve the private key. Putty is also used in the following...

5.9CVSS9.1AI score0.05773EPSS
Exploits0
Rows per page
Query Builder