40 matches found

OSV | added 2024/07/16 6:28 a.m. | 12 views

OPENSUSE-SU-2024:0201-1 Security update for Botan

This update for Botan fixes the following issues: Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607 CVE-2024-39312 - boo1227608 Fix a crash in OCB Fix a test failure in compression with certain versions o...

CVSS 7.5 | AI score 6 | EPSS 0.00845 | Exploits 0 | References 7
Node.js | added 2021/04/19 3:08 p.m. | 62 views

Observable timing discrepancy

Overview: Affected versions of jose are vulnerable to a Padding Oracle Attack due to Observable Timing Discrepancy. Impact: AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 4.3 | AI score 5.6 | EPSS 0.01167 | Exploits 0 | Affected Software 1
Github Security Blog | added 2021/04/19 3:00 p.m. | 60 views

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime

Impact: AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...

CVSS 5.9 | AI score 2 | EPSS 0.01238 | Exploits 0 | References 4 | Affected Software 1
OSV | added 2021/04/19 2:59 p.m. | 16 views

GHSA-4V4G-726H-XVFV Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime

Impact: AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...

CVSS 5.9 | AI score 6 | EPSS 0.01238 | Exploits 0 | References 4
OSV | added 2021/04/19 2:58 p.m. | 32 views

GHSA-94HH-PJJG-RWMR Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime

Impact: AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...

CVSS 5.9 | AI score 6 | EPSS 0.01238 | Exploits 0 | References 4
OSV | added 2021/04/19 2:57 p.m. | 3 views

GHSA-58F5-HFQC-JGCH Padding Oracle Attack due to Observable Timing Discrepancy in jose

jose is an npm library providing a number of cryptographic operations. Impact: AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly...

CVSS 5.9 | AI score 6.3 | EPSS 0.01167 | Exploits 0 | References 3
Veracode | added 2021/04/19 12:42 a.m. | 35 views

Padding Oracle Attack

jose-node-cjs-runtime is vulnerable to a padding oracle attack. The vulnerability exists because decryption did not fail as soon as HMAC verification failed, allowing timing information to be measured by running the CBC decryption with various padding lengths...

CVSS 5.9 | AI score 2.4 | EPSS 0.01238 | Exploits 0 | References 3 | Affected Software 1
NVD | added 2021/04/16 10:15 p.m. | 47 views

CVE-2021-29446

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 5.9 | EPSS 0.01238 | Exploits 0 | References 2
NVD | added 2021/04/16 10:15 p.m. | 49 views

CVE-2021-29445

jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 5.9 | EPSS 0.01238 | Exploits 0 | References 2
Prion | added 2021/04/16 10:15 p.m. | 21 views

Design/Logic Flaw

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 4.3 | AI score 6.7 | EPSS 0.01238 | Exploits 0 | References 2 | Affected Software 1
Cvelist | added 2021/04/16 10:00 p.m. | 18 views

CVE-2021-29446 Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 5.9 | AI score 6.4 | EPSS 0.01238 | Exploits 0 | References 2
Cvelist | added 2021/04/16 9:50 p.m. | 53 views

CVE-2021-29445 Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime

jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

CVSS 5.9 | AI score 6.4 | EPSS 0.01238 | Exploits 0 | References 2
Cvelist | added 2021/04/16 5:35 p.m. | 71 views

CVE-2021-29443 Padding Oracle Attack due to Observable Timing Discrepancy in jose

jose is an npm library providing a number of cryptographic operations. In vulnerable versions AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. A...

CVSS 5.9 | AI score 5.9 | EPSS 0.01167 | Exploits 0 | References 2
Mageia | added 2020/09/27 8:06 p.m. | 40 views

Updated mbedtls packages fix security vulnerabilities

mbedtls 2.16.8 fixes three security vulnerabilities which could affect earlier releases: Local side channel attack on classical CBC decryption in DTLS (CVE-2020-16150). Local side channel attack on RSA and static Diffie-Hellman. Protocol weakness in DHE-PSK key exchange...

CVSS 5.5 | AI score 3.7 | EPSS 0.00368 | Exploits 0 | References 4
FreeBSD | added 2020/09/01 12:00 a.m. | 36 views

Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS

Manuel Pégourié-Gonnard reports: When decrypting/authenticating a DTLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension (RFC 7366), Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the...

CVSS 5.5 | AI score 2.8 | EPSS 0.00368 | Exploits 0 | References 1
RedHat Linux | added 2015/08/04 5:12 p.m. | 6 views

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVSS 4.3 | AI score 6.6 | EPSS 0.99999 | Exploits 7 | References 4
RedHat Linux | added 2015/03/05 7:51 a.m. | 4 views

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVSS 4.3 | AI score 6.6 | EPSS 0.99999 | Exploits 7 | References 4
RedHat Linux | added 2015/01/22 9:24 p.m. | 5 views

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVSS 4.3 | AI score 6.6 | EPSS 0.99999 | Exploits 7 | References 4
RedHat Linux | added 2014/12/01 7:23 p.m. | 11 views

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVSS 4.3 | AI score 6.6 | EPSS 0.99999 | Exploits 7 | References 4
RedHat Linux | added 2014/11/19 6:32 p.m. | 2 views

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVSS 4.3 | AI score 6.6 | EPSS 0.99999 | Exploits 7 | References 4