6 matches found
CVE-2026-4603
A flaw was found in jsrsasign. An attacker can exploit a division by zero vulnerability by supplying a specially crafted JSON Web Key JWK whose modulus decodes to zero. This vulnerability can force RSA public-key operations, such as verification and encryption, to produce deterministic zero...
CVE-2026-4603
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations e.g., verify and encryption to collapse to...
CVE-2026-4603
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations e.g., verify and encryption to collapse to...
CVE-2026-4603
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations e.g., verify and encryption to collapse to...
CVE-2026-4603
CVE-2026-4603 affects jsrsasign versions before 11.1.1. The vulnerability stems from the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js, which can cause division by zero and collapse RSA public-key operations (e.g., verify/encrypt) to d...
PT-2026-27059
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations e.g., verify and encryption to collapse to...