{
  "schema_version": "1.4.0",
  "id": "GHSA-hfmf-q43v-2ffj",
  "modified": "2021-08-17T22:08:26Z",
  "published": "2019-08-23T21:42:18Z",
  "aliases": [
    "CVE-2019-9154"
  ],
  "summary": "Improper Key Verification in openpgp",
  "details": "Versions of `openpgp` prior to 4.2.0 are vulnerable to Improper Key Verification. The OpenPGP standard allows signature packets to have subpackets which may be hashed or unhashed. Unhashed subpackets are not cryptographically protected and cannot be trusted. The `openpgp` package does not verify whether a subpacket is hashed. Furthermore, due to the order of parsing a signature packet information from unhashed subpackets overwrites information from hashed subpackets. This may allow an attacker to modify the contents of a key certification signature or revocation signature. Doing so could convince a victim to use an obsolete key for encryption. An attack require a victim to import a manipulated key or update an existing key with a manipulated version.\n\n\n## Recommendation\n\nUpgrade to version 4.2.0 or later. \nIf you are upgrading from a version <4.0.0 it is highly recommended to read the `High-Level API Changes` section of the `openpgp` 4.0.0 release: https://github.com/openpgpjs/openpgpjs/releases/tag/v4.0.0",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openpgp"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.2.0"
            }
          ]
        }
      ],
      "database_specific": {
        "last_known_affected_version_range": "<= 4.1.2"
      }
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9154"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openpgpjs/openpgpjs/pull/797"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openpgpjs/openpgpjs/pull/797/commits/47138eed61473e13ee8f05931119d3e10542c5e1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openpgpjs/openpgpjs/releases/tag/v4.2.0"
    },
    {
      "type": "WEB",
      "url": "https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-OPENPGP-460247"
    },
    {
      "type": "WEB",
      "url": "https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1161"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/154191/OpenPGP.js-4.2.0-Signature-Bypass-Invalid-Curve-Attack.html"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2019-08-23T21:41:08Z",
    "nvd_published_at": null
  }
}