Subj : openpgp.js vulnerability
To : All
From : August Abolins
Date : Sun May 25 2025 11:30 am
Best to patch up!
There is a CVE-2025-47934 issued for the openpgp.js issue
mentioned a few days ago.
People using Mailvelop, Flowcrypt, Mymail-crypt, UDC,
Encrypt.to, PGP Anywhere, passbolt ..should be wary.
Protonmali seems to be using one of the openpgp.js packages out
there too, but I cannot confirm which one.
""Proton Mail uses version 3.0 of OpenPGPjs. This version,
released in March 2018, includes improvements that enable full
interoperability with PGP and allows for better overall
functionality, as outlined by Proton." ..that's their
statement from 2018.
So.. does Protonmail use this one..
https://github.com/ProtonMail/gopenpgp ?
Or this one..
https://Github.com/openpgpjs/openpgpjs ..has 6.1.0.
"In technical terms, the vulnerability arises because
OpenPGP.js fails to correctly associate the extracted message
data with its actual signature during verification. This
oversight allows attackers to manipulate the content of a
message while retaining a valid signature from a previous,
unrelated message.
"In order to spoof a message," the advisory explains, "the
attacker needs a single valid message signature (inline or
detached) as well as the plaintext data that was legitimately
signed. They can then construct an inline-signed or signed-and-
encrypted message containing any data of their choice, which
will appear as legitimately signed."
"This means a bad actor can reuse a valid signature to forge
new content that appears authentic to the recipient, bypassing
the trust model OpenPGP is built upon.
Mozilla's Response and Patches
In response to these vulnerabilities, Mozilla has issued
security patches for the following versions:
Mozilla Firefox 134
Mozilla Thunderbird 134
Firefox ESR 115.19 and 128.6
Thunderbird ESR 115.19 and 128.6
https://thecyberexpress.com/critical-vulnerabilities-in-mozilla-products/
--- OpenXP 5.0.64
* Origin: (1:396/45.29)
SEEN-BY: 19/25 105/81 106/201 987 124/5016 128/187 129/14 305 130/330
