[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-46234":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":46,"related":47,"reserved_at":9,"published_at":50,"modified_at":51,"state":52,"summary":53,"references_raw":62,"kevs":112,"epss":113,"epss_history":116,"metrics":380,"affected":394},"CVE-2023-46234","browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-347","Improper Verification of Cryptographic Signature","The product does not verify, or incorrectly verifies, the cryptographic signature for data.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[],[29],"GHSA-x9w5-v3q2-3rhw",[],[32,34,36,38,40,42,44],{"_key":33},"UBUNTU-CVE-2023-46234",{"_key":35},"USN-6800-1",{"_key":37},"OPENSUSE-SU-2025:14663-1",{"_key":39},"DLA-3635-1",{"_key":41},"DSA-5539-1",{"_key":43},"MGASA-2025-0194",{"_key":45},"DEBIAN-CVE-2023-46234",[],[48,49],{"_key":37},{"_key":43},"2023-10-26T14:31:35.895Z","2025-02-13T17:14:23.092Z","Analyzed",{"cisa_kev":54,"cisa_ransomware":54,"cisa_vendor":9,"epss_severity":55,"epss_score":56,"severity":57,"severity_score":58,"severity_version":59,"severity_source":60,"severity_vector":61,"severity_status":52},false,"low",0.00527,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",[63,72,77,81,85,90,94,99,104,108],{"url":64,"sources":65,"tags":68},"https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw",[66,60,67],"cve.org","osv_npm",[69,70,71],"X Refsource CONFIRM","Third Party Advisory","WEB",{"url":73,"sources":74,"tags":75},"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30",[66,60,67],[76,70,71],"X Refsource MISC",{"url":78,"sources":79,"tags":80},"https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html",[66,60,67],[70,71],{"url":82,"sources":83,"tags":84},"https://www.debian.org/security/2023/dsa-5539",[66,60,67],[70,71],{"url":86,"sources":87,"tags":88},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/",[66,60],[89],"Release Notes",{"url":91,"sources":92,"tags":93},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/",[66,60],[89],{"url":95,"sources":96,"tags":97},"https://nvd.nist.gov/vuln/detail/CVE-2023-46234",[67],[98],"Advisory",{"url":100,"sources":101,"tags":102},"https://github.com/browserify/browserify-sign",[67],[103],"PACKAGE",{"url":105,"sources":106,"tags":107},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2",[67],[71],{"url":109,"sources":110,"tags":111},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ",[67],[71],[],{"date":114,"score":56,"percentile":115},"2026-06-04",0.67386,[117,121,124,127,130,133,136,139,143,146,150,153,156,158,160,164,167,170,173,176,179,182,185,188,190,193,196,199,202,205,208,210,213,215,218,221,224,227,230,233,236,238,241,244,246,249,252,255,258,261,264,267,270,273,277,280,282,285,288,291,294,297,300,302,305,308,311,314,316,319,322,325,328,331,334,337,340,343,346,348,351,354,357,360,363,366,369,371,374,377],{"date":118,"score":119,"percentile":120},"2025-11-04",0.00349,0.56752,{"date":122,"score":119,"percentile":123},"2025-11-05",0.56729,{"date":125,"score":119,"percentile":126},"2025-11-06",0.56731,{"date":128,"score":119,"percentile":129},"2025-11-07",0.56744,{"date":131,"score":119,"percentile":132},"2025-11-08",0.56748,{"date":134,"score":119,"percentile":135},"2025-11-09",0.56737,{"date":137,"score":119,"percentile":138},"2025-11-10",0.56712,{"date":140,"score":141,"percentile":142},"2025-11-11",0.00379,0.58703,{"date":144,"score":141,"percentile":145},"2025-11-12",0.58728,{"date":147,"score":148,"percentile":149},"2025-11-13",0.00514,0.65695,{"date":151,"score":148,"percentile":152},"2025-11-14",0.65704,{"date":154,"score":148,"percentile":155},"2025-11-15",0.657,{"date":157,"score":148,"percentile":149},"2025-11-16",{"date":159,"score":148,"percentile":149},"2025-11-17",{"date":161,"score":162,"percentile":163},"2025-11-18",0.00505,0.63599,{"date":165,"score":162,"percentile":166},"2025-11-19",0.63612,{"date":168,"score":162,"percentile":169},"2025-11-20",0.63614,{"date":171,"score":148,"percentile":172},"2025-11-21",0.65711,{"date":174,"score":148,"percentile":175},"2025-11-22",0.65717,{"date":177,"score":148,"percentile":178},"2025-11-23",0.65703,{"date":180,"score":148,"percentile":181},"2025-11-24",0.65689,{"date":183,"score":148,"percentile":184},"2025-11-25",0.65692,{"date":186,"score":148,"percentile":187},"2025-11-26",0.65698,{"date":189,"score":148,"percentile":178},"2025-11-27",{"date":191,"score":148,"percentile":192},"2025-11-28",0.65688,{"date":194,"score":148,"percentile":195},"2025-11-29",0.65669,{"date":197,"score":148,"percentile":198},"2025-11-30",0.65665,{"date":200,"score":148,"percentile":201},"2025-12-01",0.65824,{"date":203,"score":148,"percentile":204},"2025-12-02",0.65841,{"date":206,"score":148,"percentile":207},"2025-12-03",0.6584,{"date":209,"score":148,"percentile":195},"2025-12-04",{"date":211,"score":148,"percentile":212},"2025-12-05",0.65683,{"date":214,"score":148,"percentile":181},"2025-12-06",{"date":216,"score":148,"percentile":217},"2025-12-07",0.65686,{"date":219,"score":148,"percentile":220},"2025-12-08",0.65691,{"date":222,"score":148,"percentile":223},"2025-12-09",0.65721,{"date":225,"score":148,"percentile":226},"2025-12-10",0.65769,{"date":228,"score":148,"percentile":229},"2025-12-11",0.65789,{"date":231,"score":148,"percentile":232},"2025-12-12",0.65812,{"date":234,"score":148,"percentile":235},"2025-12-13",0.6582,{"date":237,"score":148,"percentile":235},"2025-12-14",{"date":239,"score":148,"percentile":240},"2025-12-15",0.65816,{"date":242,"score":148,"percentile":243},"2025-12-16",0.65825,{"date":245,"score":148,"percentile":204},"2025-12-17",{"date":247,"score":148,"percentile":248},"2025-12-18",0.65879,{"date":250,"score":148,"percentile":251},"2025-12-19",0.65894,{"date":253,"score":148,"percentile":254},"2025-12-20",0.65891,{"date":256,"score":148,"percentile":257},"2025-12-21",0.65883,{"date":259,"score":148,"percentile":260},"2025-12-22",0.65882,{"date":262,"score":148,"percentile":263},"2025-12-23",0.65878,{"date":265,"score":148,"percentile":266},"2025-12-24",0.65888,{"date":268,"score":148,"percentile":269},"2025-12-25",0.65919,{"date":271,"score":148,"percentile":272},"2025-12-26",0.65918,{"date":274,"score":275,"percentile":276},"2025-12-27",0.0052,0.66216,{"date":278,"score":148,"percentile":279},"2025-12-28",0.65892,{"date":281,"score":148,"percentile":257},"2025-12-29",{"date":283,"score":148,"percentile":284},"2025-12-30",0.659,{"date":286,"score":148,"percentile":287},"2025-12-31",0.65923,{"date":289,"score":148,"percentile":290},"2026-01-01",0.66101,{"date":292,"score":148,"percentile":293},"2026-01-02",0.66082,{"date":295,"score":148,"percentile":296},"2026-01-03",0.66084,{"date":298,"score":148,"percentile":299},"2026-01-04",0.65914,{"date":301,"score":148,"percentile":284},"2026-01-05",{"date":303,"score":148,"percentile":304},"2026-01-06",0.65909,{"date":306,"score":148,"percentile":307},"2026-01-07",0.65931,{"date":309,"score":148,"percentile":310},"2026-01-08",0.65945,{"date":312,"score":148,"percentile":313},"2026-01-09",0.65954,{"date":315,"score":148,"percentile":313},"2026-01-10",{"date":317,"score":148,"percentile":318},"2026-01-11",0.65943,{"date":320,"score":148,"percentile":321},"2026-01-12",0.65928,{"date":323,"score":148,"percentile":324},"2026-01-13",0.65925,{"date":326,"score":148,"percentile":327},"2026-01-14",0.65961,{"date":329,"score":148,"percentile":330},"2026-01-15",0.65963,{"date":332,"score":148,"percentile":333},"2026-01-16",0.65981,{"date":335,"score":148,"percentile":336},"2026-01-17",0.6597,{"date":338,"score":148,"percentile":339},"2026-01-18",0.65955,{"date":341,"score":148,"percentile":342},"2026-01-19",0.65939,{"date":344,"score":148,"percentile":345},"2026-01-20",0.65951,{"date":347,"score":148,"percentile":330},"2026-01-21",{"date":349,"score":148,"percentile":350},"2026-01-22",0.65973,{"date":352,"score":148,"percentile":353},"2026-01-23",0.66005,{"date":355,"score":148,"percentile":356},"2026-01-24",0.66012,{"date":358,"score":148,"percentile":359},"2026-01-25",0.65977,{"date":361,"score":148,"percentile":362},"2026-01-26",0.65969,{"date":364,"score":148,"percentile":365},"2026-01-27",0.65978,{"date":367,"score":148,"percentile":368},"2026-01-28",0.65989,{"date":370,"score":148,"percentile":368},"2026-01-29",{"date":372,"score":148,"percentile":373},"2026-01-30",0.66,{"date":375,"score":148,"percentile":376},"2026-01-31",0.66002,{"date":378,"score":148,"percentile":379},"2026-02-01",0.66149,[381,388,392],{"source":66,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":382,"cvss_v4_0":9},{"baseScore":383,"baseSeverity":384,"vectorString":385,"impactScore":386,"exploitabilityScore":387},6.5,"MEDIUM","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",4.2,10,{"source":60,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":389,"cvss_v4_0":9},{"baseScore":58,"baseSeverity":390,"vectorString":61,"impactScore":391,"exploitabilityScore":387},"HIGH",6,{"source":67,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":393,"cvss_v4_0":9},{"baseScore":58,"baseSeverity":9,"vectorString":61,"impactScore":391,"exploitabilityScore":387},[395,411,421],{"ecosystem":9,"name":396,"vendor":397,"product":396,"cpe_part":398,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":399},"browserify-sign","browserify","a",[400,406],{"version":401,"is_range":402,"range_type":66,"version_start":403,"version_start_type":404,"version_end":405,"version_end_type":404,"fixed_in":9},">= 2.6.0, \u003C= 4.2.1",true,"2.6.0","including","4.2.1",{"version":407,"is_range":402,"range_type":408,"version_start":9,"version_start_type":9,"version_end":409,"version_end_type":410,"fixed_in":9},"lt4.2.2","cpe","4.2.2","excluding",{"ecosystem":9,"name":412,"vendor":413,"product":414,"cpe_part":415,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":416},"debian linux","debian","debian_linux","o",[417,419],{"version":418,"is_range":54,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"version":420,"is_range":54,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"ecosystem":422,"name":396,"vendor":422,"product":396,"cpe_part":9,"purl_type":423,"purl_namespace":9,"purl_name":396,"source":9,"versions":424},"Npm","npm",[425],{"version":426,"is_range":402,"range_type":427,"version_start":403,"version_start_type":404,"version_end":409,"version_end_type":410,"fixed_in":9},"gte2_6_0_lt4_2_2","semver"]