191 matches found
JWCrypto Information Disclosure Vulnerability
JWCrypto is an implementation of the Javascript Object Signing and Encryption JOSE web standard . An information disclosure vulnerability exists in JWCrypto that could be exploited by an attacker to obtain sensitive information...
DEBIAN-CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
Design/Logic Flaw
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
PYSEC-2016-4
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
UBUNTU-CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
CVE-2016-6298
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
CVE-2016-6298
The CVE-2016-6298 issue affects the jwcrypto Python package, specifically the RSA 1.5 implementation (the _Rsa15 class in jwa.py). Before 0.3.2, it lacks the Random Filling protection mechanism, enabling a remote attacker to potentially obtain cleartext data via a Million Message Attack (MMA). Th...
PT-2016-6819 · None · Jwcrypto
Name of the Vulnerable Software and Affected Versions: jwcrypto versions prior to 0.3.2 Description: The issue concerns the RSA 1.5 algorithm implementation in jwa.py, which lacks the Random Filling protection mechanism. This makes it easier for remote attackers to obtain cleartext data via a...