Description
Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.
References
- Exploit, Mitigation, Third Party Advisory
- Patch
- Issue Tracking
- Third Party Advisory
Vulnerable configurations
EPSS
9.1 Critical
CVSS3
Defects
Related vulnerabilities
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation