📦 Openpubkey

OpenPubkey library versions before 0.10.0 contain a signature verification bypass vulnerability in JWS (JSON Web Signature) handling. Attackers can forge signatures to impersonate legitimate users or ...

This vulnerability allows attackers to bypass signature verification in OpenPubkey library by crafting malicious JWS tokens. This authentication bypass also affects OPKSSH, potentially allowing unauth...