PT-2019-19398 · openpgp · OpenPGP.js

Wolfgang Ettlinger · Published 2019-08-22 · Updated 2019-08-30 · CVE-2019-9154

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

openpgp (OpenPGP.js) versions prior to 4.2.0

Description

OpenPGP.js improperly verifies cryptographic signatures, allowing an attacker to pass off unsigned data as signed. The OpenPGP standard (RFC 4880) splits the subpackets of a signature packet into a hashed area, which is covered by the signature hash, and an unhashed area, which is not cryptographically protected and cannot be trusted. The openpgp package does not record whether a subpacket came from the hashed or the unhashed area, and because the unhashed area is parsed after the hashed one, values from unhashed subpackets overwrite values from hashed subpackets of the same type. An attacker can therefore change what a key certification signature or revocation signature appears to say, for example by appending an unhashed Key Expiration Time subpacket that makes an expired key look valid, and so potentially convince a victim to encrypt to an obsolete key. The attack requires the victim to import a manipulated key or to update an existing key with a manipulated version.
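The following is an added example, not code from OpenPGP.js or from the advisory: a minimal parser for the hashed and unhashed subpacket areas of an OpenPGP v4 signature packet body (RFC 4880 section 5.2.3), run over a constructed certification signature in which the signer placed a one-year Key Expiration Time in the hashed area and an attacker later appended a ten-year one to the unhashed area. `keyExpirationVulnerable` reproduces the unsafe merge order described above (hashed first, then unhashed into the same fields); `keyExpirationHardened` is one way to handle it, taking validity-relevant fields only from the hashed area, and is not a description of the actual 4.2.0 patch. All packet bytes, the hash prefix, the signature MPI and every function name are assumptions of this example; it needs Node.js for `Buffer`.

```javascript
// Added example (not OpenPGP.js code). Parses the subpacket areas of an
// OpenPGP v4 signature packet body (RFC 4880 s5.2.3) and shows why merging
// hashed and unhashed subpackets into one set of fields is unsafe.
// Packet bytes are constructed; hash prefix and signature MPI are placeholders.

const SUBPACKET_SIG_CREATION_TIME = 2;
const SUBPACKET_KEY_EXPIRATION = 9;   // seconds after key creation, 4 octets
const SUBPACKET_ISSUER = 16;
const SUBPACKET_KEY_FLAGS = 27;

const u16 = (n) => { const b = Buffer.alloc(2); b.writeUInt16BE(n); return b; };
const u32 = (n) => { const b = Buffer.alloc(4); b.writeUInt32BE(n); return b; };

// Subpacket = length (counting the type octet) + type octet + body.
// Only the one-octet length form (< 192) is produced here.
function encodeSubpacket(type, body) {
  const len = body.length + 1;
  if (len >= 192) throw new Error('example only encodes one-octet subpacket lengths');
  return Buffer.concat([Buffer.from([len, type]), body]);
}

// Decode one subpacket area into [{ type, critical, body }], accepting all
// three length encodings defined by RFC 4880.
function parseSubpacketArea(area) {
  const out = [];
  let i = 0;
  while (i < area.length) {
    const first = area[i];
    let len;
    if (first < 192) { len = first; i += 1; }
    else if (first < 255) { len = ((first - 192) << 8) + area[i + 1] + 192; i += 2; }
    else { len = area.readUInt32BE(i + 1); i += 5; }
    if (len < 1 || i + len > area.length) throw new Error('truncated subpacket');
    const typeOctet = area[i];
    out.push({ type: typeOctet & 0x7f, critical: (typeOctet & 0x80) !== 0, body: area.subarray(i + 1, i + len) });
    i += len;
  }
  return out;
}

// v4 body: version, sig type, pk algo, hash algo, two length-prefixed
// subpacket areas, then the hash prefix and signature MPIs (kept as trailer).
function parseSignatureBody(buf) {
  if (buf[0] !== 4) throw new Error('only v4 signature packets are handled');
  let i = 4;
  const hashedLen = buf.readUInt16BE(i); i += 2;
  const hashed = buf.subarray(i, i + hashedLen); i += hashedLen;
  const unhashedLen = buf.readUInt16BE(i); i += 2;
  const unhashed = buf.subarray(i, i + unhashedLen); i += unhashedLen;
  return { sigType: buf[1], hashed: parseSubpacketArea(hashed), unhashed: parseSubpacketArea(unhashed), trailer: buf.subarray(i) };
}

function buildSignatureBody(hashedSubpackets, unhashedSubpackets) {
  const hashedArea = Buffer.concat(hashedSubpackets);
  const unhashedArea = Buffer.concat(unhashedSubpackets);
  return Buffer.concat([
    Buffer.from([4, 0x13, 1, 8]),    // v4, positive certification, RSA, SHA-256
    u16(hashedArea.length), hashedArea,
    u16(unhashedArea.length), unhashedArea,
    Buffer.from([0xde, 0xad]),        // left 16 bits of the hash (placeholder)
    Buffer.from([0x00, 0x01, 0x01]),  // one-bit MPI standing in for the signature value
  ]);
}

// Vulnerable pattern: both areas are read into the same fields, hashed first,
// so an unhashed subpacket of the same type silently wins.
function keyExpirationVulnerable(sig) {
  let expiry = null;
  for (const sp of [...sig.hashed, ...sig.unhashed]) {
    if (sp.type === SUBPACKET_KEY_EXPIRATION) expiry = sp.body.readUInt32BE(0);
  }
  return expiry;
}

// Hardened pattern used here: validity-relevant fields come only from the
// hashed area, which the signature hash covers.
function keyExpirationHardened(sig) {
  let expiry = null;
  for (const sp of sig.hashed) {
    if (sp.type === SUBPACKET_KEY_EXPIRATION) expiry = sp.body.readUInt32BE(0);
  }
  return expiry;
}

// Detection: unhashed subpacket types that also appear in the hashed area.
// An honest signer has no reason to repeat a hashed subpacket unhashed.
function conflictingUnhashedTypes(sig) {
  const hashedTypes = new Set(sig.hashed.map((sp) => sp.type));
  return [...new Set(sig.unhashed.filter((sp) => hashedTypes.has(sp.type)).map((sp) => sp.type))];
}

const ONE_YEAR = 365 * 24 * 3600;
const TEN_YEARS = 10 * ONE_YEAR;

// Constructed certification: one-year expiry signed (hashed), ten-year expiry
// appended by an attacker (unhashed, not covered by the signature).
function constructedCertification() {
  return buildSignatureBody(
    [
      encodeSubpacket(SUBPACKET_SIG_CREATION_TIME, u32(1546300800)), // 2019-01-01T00:00:00Z
      encodeSubpacket(SUBPACKET_KEY_EXPIRATION, u32(ONE_YEAR)),
      encodeSubpacket(SUBPACKET_KEY_FLAGS, Buffer.from([0x0c])),     // encrypt comms + storage
    ],
    [
      encodeSubpacket(SUBPACKET_ISSUER, Buffer.from('0123456789abcdef', 'hex')), // 8-octet key ID
      encodeSubpacket(SUBPACKET_KEY_EXPIRATION, u32(TEN_YEARS)),                 // attacker-appended
    ],
  );
}

function demo() {
  const sig = parseSignatureBody(constructedCertification());
  return { vulnerable: keyExpirationVulnerable(sig), hardened: keyExpirationHardened(sig), conflicts: conflictingUnhashedTypes(sig) };
}

console.log(demo());
```

On the constructed packet the vulnerable reader reports the attacker's ten-year expiry while the hardened reader reports the signed one-year value, and `conflictingUnhashedTypes` flags type 9 as duplicated outside the hashed area. A key-import path can use such a conflict check to reject a manipulated certificate outright rather than silently preferring one area.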
Recommendations

Upgrade to openpgp 4.2.0 or later. If you are upgrading from a version older than 4.0.0, read the High-Level API Changes section of the openpgp 4.0.0 release notes first to ensure a smooth transition.

Weakness Enumeration

Improper Verification of Cryptographic Signature (CWE-347)

Related Identifiers

CVE-2019-9154
GHSA-hfmf-q43v-2ffj

Affected Products

OpenPGP.js