jsrsasign vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-4600Highjsrsasign: jsrsasign: DSA signatures or X.509 certificates can be forged via DSA domain-parameter validation…CVE-2026-4599Criticaljsrsasign: jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce GenerationCVE-2026-4603Lowjsrsasign: jsrsasign: Division by Zero Allows Invalid JWK Modulus to Cause Deterministic Zero Output in RSA…CVE-2026-4602Highjsrsasign: jsrsasign: Negative Exponent Handling Leads to Signature Verification BypassCVE-2026-4598Highjsrsasign: jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputsCVE-2026-4601Highjsrsasign: jsrsasign: Missing cryptographic validation during DSA signing enables private key extractionCVE-2024-21484Highjsrsasign: Marvin Attack of RSA and RSAOAEP decryption in jsrsasignCVE-2022-25898Highjsrsasign: JWS and JWT signature validation vulnerability with special charactersGHSA-H87Q-G2WP-47PJMediumjsrsasign: Signatures are mistakenly recognized to be valid in jsrsasignCVE-2021-30246Criticaljsrsasign: RSA signature validation vulnerability on maleable encoded message in jsrsasignGHSA-G753-JX37-7XWHMediumjsrsasign: ECDSA signature vulnerability of Minerva timing attack in jsrsasignCVE-2020-14966Highjsrsasign: ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding in jsrsasignCVE-2020-14967Criticaljsrsasign: RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasignCVE-2020-14968Criticaljsrsasign: RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign

Stop the waste.
Protect your environment with Kodem.