37 matches found
UBUNTU-CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to the improper handling of JWS signature verification. An attacker can bypass security checks and authenticate using a specially crafted JWS without valid credentials. Note: CVE-2025-4658 i...
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to the improper handling of JWS signature verification. An attacker can gain unauthorized access by submitting a specially crafted JWS that bypasses the signature check. This is only...
CVE-2025-4658 Authentication Bypass in OPKSSH
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658 Authentication Bypass in OPKSSH
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658
CVE-2025-4658 affects the OpenPubkey library prior to 0.10.0, which allows a specially crafted JWS to bypass signature verification. Because OPKSSH relies on OpenPubkey for authentication, OPKSSH versions prior to 0.5.0 are also vulnerable and could bypass authentication. Public references in OSV...
CVE-2025-4658 Authentication Bypass in OPKSSH
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658
Removed by vendor...
CVE-2025-3757 Authentication Bypass in OpenPubKey
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-3757 Authentication Bypass in OpenPubKey
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-3757 Authentication Bypass in OpenPubKey
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-3757
OpenPubkey library, versions prior to 0.10.0, contain a vulnerability that allows a specially crafted JWS to bypass signature verification. This is documented across multiple connected sources (e.g., OSV/GHSA entries) and is the root cause described by CVE-2025-3757. Impact is high for confidenti...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
OpenPubkey 安全漏洞
OpenPubkey is an OpenPubkey reference implementation of OpenPubkey open source. A security vulnerability exists in OpenPubkey versions prior to 0.10.0 and OPKSSH versions prior to 0.5.0, which stems from a specially crafted JWS that can bypass signature verification and may result in bypassing...
PT-2025-20928 · Unknown +1 · Openpubkey +1
Name of the Vulnerable Software and Affected Versions: OpenPubkey library versions prior to 0.10.0 OPKSSH versions prior to 0.5.0 Description: The issue allows a specially crafted JWS to bypass signature verification. This affects OPKSSH as it depends on the OpenPubkey library for authentication,...
PT-2025-20927 · Unknown · Openpubkey
Name of the Vulnerable Software and Affected Versions: OpenPubkey versions prior to 0.10.0 Description: The issue allows a specially crafted JWS to bypass signature verification. Recommendations: For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue. As a temporary...
OpenPubkey 安全漏洞
OpenPubkey is an OpenPubkey reference implementation of OpenPubkey open source. A security vulnerability exists in OpenPubkey versions prior to 0.10.0, which stems from a specially crafted JWS that can bypass signature verification...