jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputs

Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the process permanently by supplying such crafted values e.g.,...

CVE-2026-4598

CVE-2026-4598 affects the JavaScript crypto library jsrsasign. Versions before 11.1.1 are vulnerable to an infinite loop in bnModInverse (ext/jsbn2.js) when BigInteger.modInverse receives zero or negative inputs, allowing a process to hang. The issue is caused by input handling in modInverse, lea...

Siren Investigate 代码问题漏洞

Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts, etc. A cross-site request forgery vulnerability exists in versions of Siren Investigate prior to 11.1.1, which can be exploited by an attacker to specify...

PT-2021-14432 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 6.2.57 TYPO3 versions prior to 7.6.51 TYPO3 versions prior to 8.7.40 TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The Login Handling in TYPO3 is susceptible...