RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign
- Severity:
- High
Description
Jsrsasign supports RSA PKCS#1 v1.5 (i.e. RSAES-PKCS1-v1_5) and RSA-OAEP encryption and decryption. Its encrypted message is represented as BigInteger. When there is a valid encrypted message, a crafted message with prepending zeros can be decrypted by this vulnerability.
Recommendation
Update the jsrsasign package to the latest compatible version. Followings are version details:
- Affected version(s): < 8.0.18
- Patched version(s): 8.0.18
References
- GHSA-xxxq-chmp-67g4
- cve.mitre.org
- kjur.github.io
- vuldb.com
- www.npmjs.com
- security.netapp.com
- CVE-2020-14967
- CWE-119
- CAPEC-310
- OWASP 2021-A6
Related Issues
- JWS and JWT signature validation vulnerability with special characters - CVE-2022-25898
- tarteaucitron.js allows UI manipulation via unrestricted CSS injection - CVE-2025-31138
- Potential DoS when using ContextLines integration (GHSA-r5w7-f542-q2j4) - Vulnerability
- Predictable results in nanoid generation when given non-integer values - CVE-2024-55565
- Tags:
- npm
- jsrsasign
Anything's wrong? Let us know Last updated on January 31, 2023