Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass in OPKSSH
Vulnerability Description
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.
CVSS Information
N/A
Vulnerability Type
使用基本弱点进行的认证绕过
Vulnerability Title
OpenPubkey 安全漏洞
Vulnerability Description
OpenPubkey是OpenPubkey开源的一个OpenPubkey的参考实现。 OpenPubkey 0.10.0之前版本和OPKSSH 0.5.0之前版本存在安全漏洞,该漏洞源于特制JWS可绕过签名验证,可能导致绕过OPKSSH身份验证。
CVSS Information
N/A
Vulnerability Type
N/A