GHSA-XXXQ-CHMP-67G4 RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign
Impact Jsrsasign supports RSA PKCS1 v1.5 i.e. RSAES-PKCS1-v15 and RSA-OAEP encryption and decryption. Its encrypted message is represented as BigInteger. When there is a valid encrypted message, a crafted message with prepending zeros can be decrypted by this vulnerability. - If you don't use RSA...