RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign
- Severity: High
Description
jsrsasign can verify an RSA-PSS signature whose value can be expressed as a BigInteger. Given a valid RSA-PSS signature value, a vulnerable version also accepts that same value with zeros prepended as a valid signature.
- If you do not use RSA-PSS signature validation, this vulnerability does not affect you.
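The root cause described above is that a verifier which converts the signature to a big integer cannot tell `sig` from `00 || sig`. The following is an added example, not jsrsasign's own code: a strict length check, applied before any arithmetic, that rejects the padded encoding. The modulus and signature values are constructed 16-byte samples, not a real RSA key.

```javascript
// Added example, not jsrsasign code. RFC 8017 RSASSA-PSS-VERIFY requires the
// signature S to be exactly k octets, where k is the length of the modulus n in
// octets. A verifier that only compares integer values loses that length
// information, so the mitigation is a byte-length comparison up front.

// Byte length of the modulus n given as a hex string (leading zeros ignored,
// as they would be for an ASN.1 INTEGER with a sign-padding octet).
function modulusByteLength(nHex) {
  const stripped = nHex.replace(/^0+/, "");
  return Math.ceil(stripped.length / 2);
}

// True only if sigHex is well-formed hex, exactly k octets, and s < n.
function isCanonicalSignature(sigHex, nHex) {
  if (!/^[0-9a-fA-F]+$/.test(sigHex) || sigHex.length % 2 !== 0) return false;
  const k = modulusByteLength(nHex);
  if (sigHex.length / 2 !== k) return false; // rejects "00" + sig and short sigs
  return BigInt("0x" + sigHex) < BigInt("0x" + nHex);
}

// Shows why the integer value alone cannot distinguish the two encodings.
function sameIntegerValue(aHex, bHex) {
  return BigInt("0x" + aHex) === BigInt("0x" + bHex);
}

// Constructed 16-byte sample values (not a real RSA modulus or signature).
const SAMPLE_N_HEX = "d2f1a3c4b5e6f708192a3b4c5d6e7f81";
const SAMPLE_SIG_HEX = "0a1b2c3d4e5f60718293a4b5c6d7e8f9";
const PADDED_SIG_HEX = "00" + SAMPLE_SIG_HEX;

console.log(sameIntegerValue(SAMPLE_SIG_HEX, PADDED_SIG_HEX));     // true
console.log(isCanonicalSignature(SAMPLE_SIG_HEX, SAMPLE_N_HEX));  // true
console.log(isCanonicalSignature(PADDED_SIG_HEX, SAMPLE_N_HEX));  // false
```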
Recommendation
Update the jsrsasign package to the latest compatible version. Version details:
- Affected version(s): >= 3.0.0, < 8.0.16
- Patched version(s): 8.0.17
References
- GHSA-q3gh-5r98-j4h3
- cve.mitre.org
- kjur.github.io
- vuldb.com
- www.npmjs.com
- security.netapp.com
- CVE-2020-14968
- CWE-119
- CAPEC-310
- OWASP 2021-A6
- Tags: npm, jsrsasign
Last updated on January 27, 2023