CVE-2019-9153
Published
CVSS v3
N/A
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
GitHub