Jsrsasign
Monthly
jsrsasign versions before 11.1.1 contain a division by zero vulnerability in RSA public-key operations caused by improper parsing of JWK moduli that decode to zero. An attacker can supply a malicious JWK to force RSA verify and encryption operations to produce deterministic zero outputs while suppressing invalid key errors, leading to cryptographic bypass and information disclosure. A proof-of-concept exists and the vulnerability has moderate real-world risk due to its low attack complexity and local attack vector.
Private key recovery is possible in jsrsasign versions before 11.1.1 when attackers force invalid DSA signatures with zero r or s values during the signing process. The library fails to validate or retry these malformed signatures, allowing attackers to algebraically solve for the private key x from the emitted signature. Publicly available exploit code exists demonstrating the key recovery technique (EPSS: 0.02%, percentile 5%), though no confirmed active exploitation. Vendor-released patch: version 11.1.1.
jsrsasign versions before 11.1.1 contain a division by zero vulnerability in RSA public-key operations caused by improper parsing of JWK moduli that decode to zero. An attacker can supply a malicious JWK to force RSA verify and encryption operations to produce deterministic zero outputs while suppressing invalid key errors, leading to cryptographic bypass and information disclosure. A proof-of-concept exists and the vulnerability has moderate real-world risk due to its low attack complexity and local attack vector.
Private key recovery is possible in jsrsasign versions before 11.1.1 when attackers force invalid DSA signatures with zero r or s values during the signing process. The library fails to validate or retry these malformed signatures, allowing attackers to algebraically solve for the private key x from the emitted signature. Publicly available exploit code exists demonstrating the key recovery technique (EPSS: 0.02%, percentile 5%), though no confirmed active exploitation. Vendor-released patch: version 11.1.1.