CVE-2023-46234

CVE-2023-46234 affects the node-browserify-sign package used to provide browser-crypto signing functionality. The root cause is an upper bound check issue in the dsaVerify function, which allows an attacker to construct signatures that can be verified by any public key, enabling a signature forge...