Tag
high
advisory
Jsrsasign < 11.1.1 Incorrect Conversion Vulnerability (CVE-2026-4602)
2 rules 1 TTPJsrsasign versions before 11.1.1 are vulnerable to an incorrect conversion between numeric types vulnerability, where an attacker can force the computation of incorrect modular inverses and break signature verification by calling modPow with a negative exponent.
jsrsasign
vulnerability
signature-bypass
2r
1t
high
advisory
Jsrsasign Infinite Loop Vulnerability (CVE-2026-4598)
2 rules 1 TTPJsrsasign versions before 11.1.1 are vulnerable to an infinite loop via the bnModInverse function when processing zero or negative inputs, potentially leading to a denial of service.
denial-of-service
javascript
node.js
jsrsasign
vulnerability
2r
1t
critical
advisory
jsrsasign DSA Signing Vulnerability (CVE-2026-4601)
2 rules 1 TTPjsrsasign versions before 11.1.1 are vulnerable to a missing cryptographic step in the DSA signing implementation, allowing an attacker to recover the private key by manipulating the signature generation process.
jsrsasign
dsa
missing-cryptographic-step
CVE-2026-4601
2r
1t