The vulnerability of the openssl_private_decrypt() function in the PKCS1 Padding Handler component of the PHP programming language interpreter allows a attacker to execute a Marvin attack.

The vulnerability of the opensslprivatedecrypt function in the PKCS1 Padding Handler component of the PHP programming language interpreter is related to the use of an OpenSSL version that does not include the changes required by the RSAPKCS1IMPLICITREJECTION request. Exploiting this vulnerability...

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages...

nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding (Marvin)

A flaw was found in Node.js. The privateDecrypt API of the crypto library may allow a covert timing side-channel during PKCS1 v1.5 padding error handling. This issue revealed significant timing differences in decryption for valid and invalid ciphertexts, which may allow a remote attacker to decry...

DEBIAN-CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

openssl signature forgery

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding

On some conditions it's possible server's private key to be applied to attacker choosen ciphertext...