We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Package Name: jsrsasign Package Version: ['8.0.24'] Package Manager: npm Target File: package.json Severity Level: medium Snyk ID: SNYK-JS-JSRSASIGN-1244072 Snyk CVE: CVE-2021-30246 Snyk CWE: CWE-521 Link to issue in Snyk: https://app.snyk.io/org/cse_snyk-playground/project/3af44f44-d085-4709-afa8-a4bc1c966aa1 Snyk Description: ## Overview jsrsasign is a free pure JavaScript cryptographic library.
Affected versions of this package are vulnerable to Cryptographic Weakness. Invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid.
Upgrade jsrsasign to version 10.1.13 or higher.
jsrsasign
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Package Name: jsrsasign
Package Version: ['8.0.24']
Package Manager: npm
Target File: package.json
Severity Level: medium
Snyk ID: SNYK-JS-JSRSASIGN-1244072
Snyk CVE: CVE-2021-30246
Snyk CWE: CWE-521
Link to issue in Snyk: https://app.snyk.io/org/cse_snyk-playground/project/3af44f44-d085-4709-afa8-a4bc1c966aa1
Snyk Description: ## Overview
jsrsasign is a free pure JavaScript cryptographic library.
Affected versions of this package are vulnerable to Cryptographic Weakness. Invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid.
Remediation
Upgrade
jsrsasignto version 10.1.13 or higher.References
The text was updated successfully, but these errors were encountered: