Vulnerabilities > Jsrsasign Project > Jsrsasign > 4.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-22 | CVE-2024-21484 | Information Exposure Through Discrepancy vulnerability in Jsrsasign Project Jsrsasign Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. | 5.9 |
| 2021-04-07 | CVE-2021-30246 | Improper Verification of Cryptographic Signature vulnerability in Jsrsasign Project Jsrsasign In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid. | 9.1 |
| 2020-06-22 | CVE-2020-14968 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. | 9.8 |
| 2020-06-22 | CVE-2020-14967 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. | 9.8 |
| 2020-06-22 | CVE-2020-14966 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. | 7.5 |