CVE-2026-4601 (GCVE-0-2026-4601)

Vulnerability from cvelistv5 – Published: 2026-03-23 05:00 – Updated: 2026-07-01 12:04
VLAI
Summary
Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-325 - Missing Cryptographic Step
Assigner
Impacted products
Vendor Product Version
n/a jsrsasign Affected: 0 , < 11.1.1 (semver)
Red Hat Migration Toolkit for Virtualization 2.1     cpe:/a:redhat:migration_toolkit_virtualization:2.10::el9
Create a notification for this product.
Red Hat Migration Toolkit for Virtualization 2.9     cpe:/a:redhat:migration_toolkit_virtualization:2.9::el9
Create a notification for this product.
Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
Create a notification for this product.
Red Hat Red Hat Quay 3.12     cpe:/a:redhat:quay:3.12::el8
Create a notification for this product.
Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
Create a notification for this product.
Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
Create a notification for this product.
Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
Create a notification for this product.
Credits
Kr0emer
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-4601",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-23T14:41:01.570897Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-23T14:41:10.087Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/a:redhat:migration_toolkit_virtualization:2.10::el9"
            ],
            "defaultStatus": "affected",
            "product": "Migration Toolkit for Virtualization 2.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:migration_toolkit_virtualization:2.9::el9"
            ],
            "defaultStatus": "affected",
            "product": "Migration Toolkit for Virtualization 2.9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.10::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.12::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.12",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.15::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.15",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.16::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.16",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.9::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.9",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-03-23T05:00:13.312Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in jsrsasign. An attacker can exploit a missing cryptographic step in the Digital Signature Algorithm (DSA) signing process, specifically within the KJUR.crypto.DSA.signWithMessageHash function. By manipulating the signature generation to force specific values, the library emits an invalid signature without retrying. This vulnerability allows an attacker to recover the private key used for signing."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-325",
                "description": "Missing Cryptographic Step",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-01T12:04:59.134Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-4601"
          },
          {
            "name": "RHBZ#2450209",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450209"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4601.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:19409"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:19410"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6912"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6720"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6568"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:19375"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6926"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:19409: Migration Toolkit for Virtualization 2.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:19410: Migration Toolkit for Virtualization 2.9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6912: Red Hat Quay 3.10"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6720: Red Hat Quay 3.12"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6568: Red Hat Quay 3.15"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:19375: Red Hat Quay 3.16"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6926: Red Hat Quay 3.9"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-03-23T06:01:44.014Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-03-23T05:00:13.312Z",
            "value": "Made public."
          }
        ],
        "title": "jsrsasign: jsrsasign: Private Key Recovery via Missing Cryptographic Step in DSA Signing",
        "workarounds": [
          {
            "lang": "en",
            "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jsrsasign",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "11.1.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Kr0emer"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:P",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "PROOF_OF_CONCEPT",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-325",
              "description": "Missing Cryptographic Step",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-23T05:00:13.312Z",
        "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "shortName": "snyk"
      },
      "references": [
        {
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941"
        },
        {
          "url": "https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586"
        },
        {
          "url": "https://github.com/kjur/jsrsasign/pull/645"
        },
        {
          "url": "https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
    "assignerShortName": "snyk",
    "cveId": "CVE-2026-4601",
    "datePublished": "2026-03-23T05:00:13.312Z",
    "dateReserved": "2026-03-22T16:26:10.973Z",
    "dateUpdated": "2026-07-01T12:04:59.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-4601",
      "date": "2026-07-01",
      "epss": "0.003",
      "percentile": "0.21705"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-4601\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2026-03-23T06:16:21.893\",\"lastModified\":\"2026-07-01T13:17:42.230\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.\"},{\"lang\":\"es\",\"value\":\"Las versiones del paquete jsrsasign anteriores a la 11.1.1 son vulnerables a Paso Criptogr\u00e1fico Faltante a trav\u00e9s del proceso KJUR.crypto.DSA.signWithMessageHash en la implementaci\u00f3n de firma DSA. Un atacante puede recuperar la clave privada forzando a r o s a ser cero, de modo que la biblioteca emite una firma inv\u00e1lida sin reintentar, y luego resuelve para x a partir de la firma resultante.\"}],\"affected\":[{\"source\":\"report@snyk.io\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"jsrsasign\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"11.1.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Virtualization 2.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_virtualization:2.10::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Virtualization 2.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_virtualization:2.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.8}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-23T14:41:01.570897Z\",\"id\":\"CVE-2026-4601\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-325\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-325\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kjur:jsrsasign:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"11.1.1\",\"matchCriteriaId\":\"46D62CE4-1F1B-44DF-BFAB-86FE57D7A194\"}]}]}],\"references\":[{\"url\":\"https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kjur/jsrsasign/pull/645\",\"source\":\"report@snyk.io\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941\",\"source\":\"report@snyk.io\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19409\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19410\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6912\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6926\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-4601\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2450209\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4601.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"jsrsasign: jsrsasign: Private Key Recovery via Missing Cryptographic Step in DSA Signing\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:migration_toolkit_virtualization:2.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Virtualization 2.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_virtualization:2.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Virtualization 2.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.15::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.9\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-03-23T06:01:44.014Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-03-23T05:00:13.312Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:19409: Migration Toolkit for Virtualization 2.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19410: Migration Toolkit for Virtualization 2.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6720: Red Hat Quay 3.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6568: Red Hat Quay 3.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19375: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6912: Red Hat Quay 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6926: Red Hat Quay 3.9\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-03-23T05:00:13.312Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-4601\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2450209\", \"name\": \"RHBZ#2450209\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4601.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19409\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19410\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19375\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6912\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6926\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in jsrsasign. An attacker can exploit a missing cryptographic step in the Digital Signature Algorithm (DSA) signing process, specifically within the KJUR.crypto.DSA.signWithMessageHash function. By manipulating the signature generation to force specific values, the library emits an invalid signature without retrying. This vulnerability allows an attacker to recover the private key used for signing.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-325\", \"description\": \"Missing Cryptographic Step\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T12:10:39.072Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-4601\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-23T14:41:01.570897Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-23T14:41:07.056Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Kr0emer\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:P\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"exploitCodeMaturity\": \"PROOF_OF_CONCEPT\", \"confidentialityImpact\": \"HIGH\"}, \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:P\", \"exploitMaturity\": \"PROOF_OF_CONCEPT\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"jsrsasign\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.1\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941\"}, {\"url\": \"https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586\"}, {\"url\": \"https://github.com/kjur/jsrsasign/pull/645\"}, {\"url\": \"https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-325\", \"description\": \"Missing Cryptographic Step\"}]}], \"providerMetadata\": {\"orgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"shortName\": \"snyk\", \"dateUpdated\": \"2026-03-23T05:00:13.312Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-4601\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T12:10:39.072Z\", \"dateReserved\": \"2026-03-22T16:26:10.973Z\", \"assignerOrgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"datePublished\": \"2026-03-23T05:00:13.312Z\", \"assignerShortName\": \"snyk\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…