Lucene search
K

10 matches found

OSV
OSV
added 5 days ago4 views

UBUNTU-CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.00367EPSS
Exploits0References6
OSV
OSV
added 6 days ago4 views

DEBIAN-CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.0033EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score0.00367EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago25 views

CVE-2026-50722 IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS0.0033EPSS
Exploits0References4
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.0033EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-16152

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...

4.8CVSS7.5AI score0.01888EPSS
Exploits0References8
OSV
OSV
added 2018/09/24 12:0 p.m.5 views

UBUNTU-CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References4
OSV
OSV
added 2016/01/13 3:59 p.m.2 views

DEBIAN-CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

5.3CVSS5.4AI score0.07054EPSS
Exploits1References1
OSV
OSV
added 2016/01/13 3:59 p.m.4 views

UBUNTU-CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

5.3CVSS6.4AI score0.07054EPSS
Exploits1References3
Mozilla
Mozilla
added 2006/09/14 12:0 a.m.32 views

RSA Signature Forgery — Mozilla

Philip Mackenzie and Marius Schilder of Google informed us of Daniel Bleichenbacher's recent presentation of a common implementation error in RSA signature verification, a failure to account for extra data in the signature. For signatures with a small exponent such as 3 it is possible for an...

4.3CVSS3.2AI score0.04894EPSS
Exploits1References7Affected Software4
Rows per page
Query Builder