Astra Linux - уязвимость в gnutls28

A timing side-channel vulnerability in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be used to recover the key encrypted in the RSA ciphertext across a network, in a Bleichenbacher-style attack. To successfully decrypt the data, the attacker would...

Astra Linux - уязвимость в nss

The NSS code used for checking PKCS1 v1.5 was leaking information useful for launching Bleichenbacher-style attacks. Both the overall correctness of the padding and the length of the encrypted message were exposed through timing side-channels. By sending a large number of ciphertexts selected by...

Astra Linux - уязвимость в openssl

There exists a timing-based side channel in the OpenSSL RSA Decryption implementation. This vulnerability could be sufficient for an attacker to recover plaintext across a network in a Bleichenbacher-style attack. To successfully decrypt data, an attacker would need to be able to send a very larg...

JLSEC-2026-231 openssl-src subject to Timing Oracle in RSA Decryption

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...

UBUNTU-CVE-2026-33894

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS1 v1.5 signature verification accepts forged signatures for low public exponent keys e=3. Attackers can forge signatures by stuffing “garbage” bytes within the ASN...

Digital Bazaar Forge 数据伪造问题漏洞

Digital Bazaar Forge is a native implementation of TLS in JavaScript by the American company Digital Bazaar, and it is an open-source tool used for developing encrypted and network-intensive web applications. Versions of Digital Bazaar Forge prior to 1.4.0 had a data manipulation vulnerability...

Forge has signature forgery in RSA-PKCS due to ASN.1 extra field

Summary RSASSA PKCS1 v1.5 signature verification accepts forged signatures for low public exponent keys e=3. Attackers can forge signatures by stuffing “garbage” bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This...

EulerOS Virtualization 2.12.0 : shim (EulerOS-SA-2026-1519)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext acros...

EulerOS Virtualization 2.12.1 : shim (EulerOS-SA-2026-1462)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext acro...

ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation

Impact The RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 or 20 bytes of the decrypted signature match the expected hash. This enables Bleichenbacher's 2006 signature forgery...

CVE-2026-22866

The CVE describes a critical flaw in Ethereum Name Service (ENS) contracts prior to 1.6.2 where RSASHA256Algorithm and RSASHA1Algorithm fail to properly validate PKCS#1 v1.5 padding, checking only the trailing hash instead of full padding. This enables Bleichenbacher-style signature forgery again...

MiracleLinux 9 : nodejs:20 (AXSA:2024-7667:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7667:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

CVE-2025-68698 Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP Optimal Asymmetric Encryption Padding. This vulnerability is fixed in 2.2...

CVE-2025-68698

CVE-2025-68698 affects the Jervis library (used by Jenkins Job DSL scripts and shared pipelines). Before version 2.2, Jervis uses PKCS1Encoding, making it vulnerable to Bleichenbacher padding oracle attacks. The issue is mitigated by upgrading to Jervis 2.2 or newer, which switches to OAEP paddin...

GHSA-MQW7-C5GG-XQ97 Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...

Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...

ROS-20251215-7306

A vulnerability in the perl-Crypt-OpenSSL-RSA package of Red Hat Enterprise Linux operating systems is related to information disclosure through a mismatch. Exploitation of the vulnerability could allow an attacker acting remotely to implement the Bleichenbacher attack...

TencentOS Server 4: libgcrypt (TSSA-2024:0963)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0963 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Siemens SIMATIC S7-1500 Observable Timing Discrepancy (CVE-2024-2236)

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. This plugin only works with Tenable.ot. Please visit...

EulerOS 2.0 SP11 : shim (EulerOS-SA-2025-2214)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in ...