Jsrsasign_project Jsrsasign
3 CVEs affecting Jsrsasign_project Jsrsasign. Latest disclosed: 2026-03-23. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4601 | High | 8.7 | 2026-03-23 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA sig… |
CVE-2026-4600 | High | 7.4 | 2026-03-23 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Improper Verification of Cryptographic Signature via the DSA domain-parameter validation in K… |
CVE-2026-4603 | Medium | 5.9 | 2026-03-23 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigIntege… |