Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openpgpjs openpgpjs |