CVE-2019-9154

Опубликовано: 22 авг. 2019

Источник: debian

Описание

Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed.

Пакет	Статус	Версия исправления	Релиз	Тип
node-openpgp	itp			package

CVE-2019-9154

CVSS3: 7.5

nvd

больше 6 лет назад

Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed.

GHSA-hfmf-q43v-2ffj

CVSS3: 7.5

github

больше 6 лет назад

Improper Key Verification in openpgp