keypair@1.0.2 vulnerabilities

Generate a RSA PEM key pair from pure JS

latest version

1.0.4
latest non vulnerable version

1.0.4
first published

11 years ago
latest version published

3 years ago
licenses detected
- (BSD-2-Clause OR GPL-3.0)
  >=1.0.1
View keypair package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the keypair package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Inadequate Encryption Strength keypair is a Generate a RSA PEM key pair from pure JS Affected versions of this package are vulnerable to Inadequate Encryption Strength. A bug in the pseudo-random number generator allows for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. How to fix Inadequate Encryption Strength? Upgrade `keypair` to version 1.0.4 or higher.	<1.0.4

Inadequate Encryption Strength

keypair is a Generate a RSA PEM key pair from pure JS

Affected versions of this package are vulnerable to Inadequate Encryption Strength. A bug in the pseudo-random number generator allows for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim.

How to fix Inadequate Encryption Strength?

Upgrade keypair to version 1.0.4 or higher.

<1.0.4

Go back to all versions of this package

keypair@1.0.2 vulnerabilities

Generate a RSA PEM key pair from pure JS

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities