15 matches found
SUSE CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
SUSE CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
Signature Verification Bypass
github.com/openpubkey/opkssh is vulnerable to Signature Verification Bypass. The vulnerability is due to improper verification of JWS structure and signature data caused by incorrect implementation of the JWS signature verification logic, allows an attacker to bypass authentication mechanisms in...
GHSA-56WX-66PX-9J66 OPKSSH Vulnerable to Authentication Bypass
Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5....
DEBIAN-CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-4658 Authentication Bypass in OPKSSH
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658
Removed by vendor...
CVE-2025-4658
CVE-2025-4658 affects the OpenPubkey library prior to 0.10.0, which allows a specially crafted JWS to bypass signature verification. Because OPKSSH relies on OpenPubkey for authentication, OPKSSH versions prior to 0.5.0 are also vulnerable and could bypass authentication. Public references in OSV...
PT-2025-20928 · Unknown +1 · Openpubkey +1
Name of the Vulnerable Software and Affected Versions: OpenPubkey library versions prior to 0.10.0 OPKSSH versions prior to 0.5.0 Description: The issue allows a specially crafted JWS to bypass signature verification. This affects OPKSSH as it depends on the OpenPubkey library for authentication,...