{"api_version":"1","generated_at":"2026-05-13T09:19:58+00:00","cve":"CVE-2020-14967","urls":{"html":"https://cve.report/CVE-2020-14967","api":"https://cve.report/api/cve/CVE-2020-14967.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-14967","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-14967"},"summary":{"title":"CVE-2020-14967","description":"An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification by prepending '\\0' bytes to ciphertexts (it decrypts modified ciphertexts without error). An attacker might prepend these bytes with the goal of triggering memory corruption issues.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2020-06-22 12:15:00","updated_at":"2023-01-28 00:57:00"},"problem_types":["CWE-119"],"metrics":[],"references":[{"url":"https://security.netapp.com/advisory/ntap-20200724-0001/","name":"https://security.netapp.com/advisory/ntap-20200724-0001/","refsource":"CONFIRM","tags":[],"title":"June 2020 Node.js Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://github.com/kjur/jsrsasign/releases/tag/8.0.18","name":"https://github.com/kjur/jsrsasign/releases/tag/8.0.18","refsource":"MISC","tags":["Release Notes","Third Party Advisory"],"title":"Release RSA decryption and RSA signature validation maleability fix · kjur/jsrsasign · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/kjur/jsrsasign/issues/439","name":"https://github.com/kjur/jsrsasign/issues/439","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"The RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification (prepended 0's bytes to the ciphertext) · Issue #439 · kjur/jsrsasign · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/kjur/jsrsasign/releases/tag/8.0.17","name":"https://github.com/kjur/jsrsasign/releases/tag/8.0.17","refsource":"MISC","tags":["Release Notes","Third Party Advisory"],"title":"Release RSAPSS verification maleability fix and others · kjur/jsrsasign · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.npmjs.com/package/jsrsasign","name":"https://www.npmjs.com/package/jsrsasign","refsource":"MISC","tags":["Product","Third Party Advisory"],"title":"jsrsasign","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://kjur.github.io/jsrsasign/","name":"https://kjur.github.io/jsrsasign/","refsource":"MISC","tags":["Release Notes","Third Party Advisory"],"title":"jsrsasign - cryptography library in JavaScript","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-14967","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14967","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"14967","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"jsrsasign_project","cpe5":"jsrsasign","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"node.js","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"14967","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"jsrsasign_project","cpe5":"jsrsasign","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"node.js","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"14967","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"max_data","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-14967","qid":"980500","title":"Nodejs (npm) Security Update for jsrsasign (GHSA-xxxq-chmp-67g4)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2020-14967","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification by prepending '\\0' bytes to ciphertexts (it decrypts modified ciphertexts without error). An attacker might prepend these bytes with the goal of triggering memory corruption issues."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://kjur.github.io/jsrsasign/","refsource":"MISC","name":"https://kjur.github.io/jsrsasign/"},{"url":"https://www.npmjs.com/package/jsrsasign","refsource":"MISC","name":"https://www.npmjs.com/package/jsrsasign"},{"url":"https://github.com/kjur/jsrsasign/releases/tag/8.0.18","refsource":"MISC","name":"https://github.com/kjur/jsrsasign/releases/tag/8.0.18"},{"url":"https://github.com/kjur/jsrsasign/releases/tag/8.0.17","refsource":"MISC","name":"https://github.com/kjur/jsrsasign/releases/tag/8.0.17"},{"url":"https://github.com/kjur/jsrsasign/issues/439","refsource":"MISC","name":"https://github.com/kjur/jsrsasign/issues/439"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20200724-0001/","url":"https://security.netapp.com/advisory/ntap-20200724-0001/"}]}},"nvd":{"publishedDate":"2020-06-22 12:15:00","lastModifiedDate":"2023-01-28 00:57:00","problem_types":["CWE-119"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:jsrsasign_project:jsrsasign:*:*:*:*:*:node.js:*:*","versionEndExcluding":"8.0.18","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"14967","Ordinal":"176345","Title":"CVE-2020-14967","CVE":"CVE-2020-14967","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"14967","Ordinal":"1","NoteData":"An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification by prepending '\\0' bytes to ciphertexts (it decrypts modified ciphertexts without error). An attacker might prepend these bytes with the goal of triggering memory corruption issues.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"14967","Ordinal":"2","NoteData":"2020-06-22","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"14967","Ordinal":"3","NoteData":"2020-07-24","Type":"Other","Title":"Modified"}]}}}