GHSA-5W25-HXP5-H8C9 Duplicate Advisory: Improper Verification of Cryptographic Signature

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7r96-8g3x-g36m. This link is maintained to preserve external references. Original Description tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser hashing, random, encryption, decryption,...

Duplicate Advisory: Improper Verification of Cryptographic Signature

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7r96-8g3x-g36m. This link is maintained to preserve external references. Original Description tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser hashing, random, encryption, decryption,...

CVE-2021-32685

tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser hashing, random, encryption, decryption, signatures, conversions, used by TogaTech.org. In versions prior to 7.0.3, the verifyWithMessage method of tEnvoyNaClSigningKey always returns true for any signature that has a SHA-512 ha...

Design/Logic Flaw

tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser hashing, random, encryption, decryption, signatures, conversions, used by TogaTech.org. In versions prior to 7.0.3, the verifyWithMessage method of tEnvoyNaClSigningKey always returns true for any signature that has a SHA-512 ha...