ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding in jsrsasign
- Severity:
- High
Description
Jsrsasign supports ECDSA signature validation which signature value is represented by ASN.1 DER encoding. This vulnerablity may accept a wrong ASN.1 DER encoded ECDSA signature such as:
- wrong multi-byte ASN.1 length of TLV (ex. 0x820045 even though 0x45 is correct)
- prepending zeros with ASN.1 INTEGER value (ex.
Recommendation
Update the jsrsasign package to the latest compatible version. Followings are version details:
- Affected version(s): >= 4.0.0, < 8.0.19
- Patched version(s): 8.0.19
References
- GHSA-p8c3-7rj8-q963
- cve.mitre.org
- kjur.github.io
- vuldb.com
- www.npmjs.com
- security.netapp.com
- CVE-2020-14966
- CWE-347
- CAPEC-310
- OWASP 2021-A2
- OWASP 2021-A6
Related Issues
- RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign - CVE-2020-14968
- JWS and JWT signature validation vulnerability with special characters - CVE-2022-25898
- RSA signature validation vulnerability on maleable encoded message in jsrsasign - CVE-2021-30246
- secp256k1-js implements ECDSA without required r and s validation, leading to signature forgery - CVE-2022-41340
- Tags:
- npm
- jsrsasign
Anything's wrong? Let us know Last updated on January 31, 2023