UBUNTU-CVE-2024-30171

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing...

openssl: Padding oracle in AES-NI CBC MAC check

It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by...