RSA signature validation vulnerability on maleable encoded message in jsrsasign
- Severity:
- High
Description
Vulnerable jsrsasign will accept RSA signature with improper PKCS#1.5 padding. Decoded RSA signature value consists following form: 01(ff...(8 or more ffs)...ff)00[ASN.1 OF DigestInfo] Its byte length must be the same as RSA key length, however such checking was not sufficient.
To make crafted message for practical attack is very hard.
Recommendation
Update the jsrsasign package to the latest compatible version. Followings are version details:
- Affected version(s): < 10.2.0
- Patched version(s): 10.2.0
References
Related Issues
- Mermaid does not properly sanitize architecture diagram iconText leading to XSS - CVE-2025-54880
- create-choo-app3 is vulnerable to Command Injection via the devInstall function - CVE-2022-25855
- Vue I18n Allows Prototype Pollution in `handleFlatJson` (GHSA-p2ph-7g93-hw3m) 5 - CVE-2025-27597
- Vue I18n Allows Prototype Pollution in `handleFlatJson` (GHSA-p2ph-7g93-hw3m) 4 - CVE-2025-27597
- Tags:
- npm
- jsrsasign
Anything's wrong? Let us know Last updated on September 11, 2023