Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openpgpjs openpgpjs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41037
OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header...
Openpgpjs Openpgpjs
445
VMScore
CVE-2019-9153
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
Openpgpjs Openpgpjs
1 Github repository
445
VMScore
CVE-2019-9154
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to pass off unsigned data as signed.
Openpgpjs Openpgpjs
383
VMScore
CVE-2019-9155
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
Openpgpjs Openpgpjs
445
VMScore
CVE-2015-8013
s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote malicious users to bypass authentication if message decryption is used as an authentication mechanism via a crafted symmetrically encrypted PGP message.
Openpgpjs Openpgpjs
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started