Lucene search
K

4 matches found

EUVD
EUVD
added 21 hours ago6 views

EUVD-2026-41440

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday8 views

CVE-2026-50722

Libreswan is affected by CVE-2026-50722 through RSA_authenticate_hash_signature_pkcs1_1_5_rsa, which fails to properly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload uses RSASSA-PKCS1-v1_5 (RFC 8017). This enables a remote attacker to perform a Bleichenbacher-like variati...

8.1CVSS6.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-55316

Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description Libreswan fails to correctly verify the DER encoding of the ASN.1 digest within the IKEv2 AUTH payload when using RSASSA-PKCS1-v1 5. This occurs in the RSA authenticate hash signature pkcs1...

8.1CVSS6.5AI score
Exploits0References8
RedHat Linux
RedHat Linux
added 2022/05/10 1:32 p.m.5 views

python: urllib: Regular expression DoS in AbstractBasicAuthHandler

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request with a specially crafted payload that is sen...

6.5CVSS6.9AI score0.04675EPSS
Exploits1References8
Rows per page
Query Builder