5 matches found
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS1 1.5 and OAEP decryption process a.k.a. Marvin Attack. An attacker can recover cipher-texts via a side-channe...
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS1 1.5 and OAEP decryption process a.k.a. Marvin Attack. An attacker can recover cipher-texts via a side-channe...
OESA-2024-1053 python-pycryptodomex security update
PyCryptodome is a self-contained Python package of low-level cryptographic primitives. Security Fixes: PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.CVE-2023-52323...
SUSE CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...