Spoofing OpenPGP.js signature verification
ThomasRinsma Tuesday, June 10, 2025
Summary
The article discusses a vulnerability (CVE-2025-47934) in the OpenPGP.js library, which could allow an attacker to spoof digital signatures. The vulnerability was discovered and responsibly disclosed, and the article provides technical details on the issue and the mitigation steps taken by the OpenPGP.js team.
86
29
Summary
codeanlabs.com