ALPINE-CVE-2026-5419

A flaw was found in gnutls. The PKCS7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of...

CVE-2026-5419

A flaw was found in gnutls. The PKCS7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of...

TencentOS Server 3: opensc (TSSA-2024:0084)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0084 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Observable Discrepancy

Overview Affected versions of this package are vulnerable to Observable Discrepancy due to the timing difference between exceptions thrown when processing RSA key exchange handshakes, AKA Marvin. Note: The implemented fix mitigates the leakage of data via the PKCS1 interface, but does not fully...

MGASA-2024-0101 Updated opensc packages fix security vulnerability

Side-channel leaks while stripping encryption PKCS1.5 padding in OpenSC. CVE-2023-5992...

CVE-2023-50979

Crypto++ aka cryptopp through 8.9.0 has a Marvin side channel during decryption with PKCS1 v1.5 padding...