Skip to main content

Jsrsasign CVE-2026-4599

| EUVDEUVD-2026-14373 CRITICAL
Incomplete Comparison with Missing Factors (CWE-1023)
2026-03-23 snyk GHSA-5jx8-q4cp-rhh6
9.3
CVSS 4.0 · Vendor: snyk
Share

Severity by source

Vendor (snyk) PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Red Hat
9.1 HIGH
qualitative

Primary rating from Vendor (snyk).

CVSS VectorVendor: snyk

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Re-analysis Queued
Jun 22, 2026 - 03:22 vuln.today
cvss_changed
CVSS changed
Jun 22, 2026 - 03:22 NVD
9.1 (CRITICAL) 9.3 (CRITICAL)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 23, 2026 - 05:45 euvd
EUVD-2026-14373
Analysis Generated
Mar 23, 2026 - 05:45 vuln.today
CVE Published
Mar 23, 2026 - 05:00 nvd
CRITICAL 9.1

DescriptionCVE.org

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.

AnalysisAI

The jsrsasign JavaScript cryptographic library contains a critical vulnerability in its random number generation functions that allows attackers to recover private DSA keys through nonce bias exploitation. Versions 7.0.0 through 11.1.0 are affected. A proof-of-concept is publicly available (referenced in GitHub Gist), demonstrating the attack feasibility, and the vulnerability requires no authentication or user interaction for remote exploitation.

Technical ContextAI

jsrsasign is a widely-used pure JavaScript implementation of cryptographic operations including RSA, DSA, ECC, and X.509 certificates, commonly deployed in Node.js applications and browser-based cryptography. The vulnerability stems from CWE-1023 (Incomplete Comparison with Missing Factors) in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions within src/crypto-1.1.js. These functions incorrectly validate randomly generated numbers through flawed compareTo checks, allowing out-of-range values to be accepted as valid candidates. When used for DSA signature generation, this flaw creates a measurable bias in the nonce values, which can be exploited through mathematical analysis of multiple signatures to extract the private signing key, fundamentally breaking the security guarantees of DSA.

RemediationAI

Immediately upgrade jsrsasign to version 11.1.1 or later, which addresses the flawed random number generation logic through the fix implemented in GitHub pull request 647 (https://github.com/kjur/jsrsasign/pull/647) and committed as ee4b013478366cb16cea9a4bdfb218b6077f83b1 (https://github.com/kjur/jsrsasign/commit/ee4b013478366cb16cea9a4bdfb218b6077f83b1). Review the Snyk advisory at https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370939 for additional guidance. Organizations unable to immediately upgrade should rotate all DSA keys that were generated or used with affected versions, as previously generated signatures may have already leaked information about the private key. Consider migrating from DSA to more modern signature algorithms like ECDSA or EdDSA where feasible, as DSA is increasingly deprecated in favor of more robust alternatives.

CVE-2020-14968 CRITICAL POC
9.8 Jun 22

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Rated critical severity (CVSS 9.8), this vul

CVE-2020-14967 CRITICAL POC
9.8 Jun 22

An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Rated critical severity (CVSS 9.8), this vul

CVE-2022-25898 CRITICAL POC
9.8 Jul 01

The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT

CVE-2020-14966 HIGH POC
7.5 Jun 22

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. Rated high severity (CVSS 7.5), this vulner

CVE-2024-21484 MEDIUM POC
5.9 Jan 22

Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP

CVE-2021-30246 CRITICAL
9.1 Apr 07

In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized

CVE-2026-4601 HIGH
8.8 Mar 23

Private key recovery is possible in jsrsasign versions before 11.1.1 when attackers force invalid DSA signatures with ze

CVE-2026-4600 HIGH
8.1 Mar 23

Cryptographic signature bypass in jsrsasign before 11.1.1 allows remote attackers to forge DSA signatures and X.509 cert

CVE-2026-4598 HIGH
7.7 Mar 23

The jsrsasign JavaScript library contains an infinite loop vulnerability in the BigInteger.modInverse function that allo

CVE-2026-4602 HIGH
7.7 Mar 23

The jsrsasign JavaScript library before version 11.1.1 contains a vulnerability that allows attackers to break signature

CVE-2026-4603 LOW POC
2.0 Mar 23

jsrsasign versions before 11.1.1 contain a division by zero vulnerability in RSA public-key operations caused by imprope

Vendor StatusVendor

Share

CVE-2026-4599 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy