GHSA-q3gh-5r98-j4h3

Source

https://github.com/advisories/GHSA-q3gh-5r98-j4h3

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-q3gh-5r98-j4h3/GHSA-q3gh-5r98-j4h3.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-q3gh-5r98-j4h3

Aliases

CVE-2020-14968

Published

2020-06-26T16:26:50Z

Modified

2023-11-08T04:02:28.196189Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign

Details

Impact

Jsrsasign can verify RSA-PSS signature which value can expressed as BigInteger. When there is a valid RSA-PSS signature value, this vulnerability is also accept value with prepending zeros as a valid signature.

If you are not use RSA-PSS signature validation, this vulnerability is not affected.
Risk to accept a forged or crafted message to be signed is low.
Risk to raise memory corruption is low since jsrsasign uses BigInteger class.

Patches

Users using RSA-PSS signature validation should upgrade to 8.0.17.

Workarounds

Reject RSA-PSS signatures with unnecessary prepending zeros.

References

https://github.com/kjur/jsrsasign/security/advisories/GHSA-q3gh-5r98-j4h3 https://github.com/kjur/jsrsasign/issues/438 https://nvd.nist.gov/vuln/detail/CVE-2020-14968 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14968 https://vuldb.com/?id.157125 https://kjur.github.io/jsrsasign/api/symbols/RSAKey.html#.verifyWithMessageHashPSS

Database specific

{
    "nvd_published_at": "2020-06-22T12:15:00Z",
    "cwe_ids": [
        "CWE-119"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-26T16:19:52Z"
}

References

Affected packages

npm / jsrsasign

Package

Name: jsrsasign; View open source insights on deps.dev
Purl: pkg:npm/jsrsasign

Affected ranges

Type: SEMVER
Events: Introduced

3.0.0

Fixed

8.0.17

Database specific

{
    "last_known_affected_version_range": "< 8.0.16"
}