{"vulnerability": "CVE-2020-14966", "sightings": [{"uuid": "4b8f66c9-f122-4d3a-b265-08e60ba82cae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14966", "type": "seen", "source": "https://t.me/arpsyndicate/2919", "content": "#ExploitObserverAlert\n\nCVE-2020-14966\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2020-14966. An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid. This could have a security-relevant impact if an application relied on a single canonical signature.\n\nFIRST-EPSS: 0.006770000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-19T10:23:20.000000Z"}]}