CVE advisoryCRITICAL
CVE-2022-25898
JSRSASIGN Improper Signature Verification Vulnerability.
Halo Surface Signal: 3 out of 5 — possibly public-facing.
The `jsrsasign` library is vulnerable to improper cryptographic signature verification, potentially allowing invalid signatures to be accepted. This could impact the integrity of data processed by applications using this library for JWS or JWT validation. Uncertainty remains regarding specific product versions and expl