14 matches found
GHSA-87MP-XC4X-X8RH asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption
The encryption and decryption process were vulnerable against the Bleichenbacher's attack, which is a padding oracle vulnerability disclosed in the 98'. The issue was about the wrong padding utilized, which allowed to retrieve the encrypted content. The OPENSSLPKCS1PADDING version, aka PKCS v1.5...
asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption
The encryption and decryption process were vulnerable against the Bleichenbacher's attack, which is a padding oracle vulnerability disclosed in the 98'. The issue was about the wrong padding utilized, which allowed to retrieve the encrypted content. The OPENSSLPKCS1PADDING version, aka PKCS v1.5...
CVE-2020-20949
Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube UM1924. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the...
CVE-2020-20949
Technical details for CVE-2020-20949 are not publicly available in the provided documents. Monitor for updates from vendors/authorities; current sources repeat the vulnerability description without concrete specifics (affected products, versions, or fixes).
CVE-2020-20950
Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable...
CVE-2020-20950
CVE-2020-20950 describes Bleichenbacher’s attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications (2018-11-26). The vulnerability arises when the vulnerable library allows an oracle-like interaction, enabling an attacker to decrypt a ciphertext by iteratively querying the s...
CVE-2020-20950
Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable...
SUSE-SU-2020:0576-1 Security update for compat-openssl098
This update for compat-openssl098 fixes the following issues: - Add missing commits for fixes of the 'The 9 Lives of Bleichenbacher's CAT' attack bsc1117951 - Fixed missing BNcopy bsc1160163...
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.6
Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.6, IBM WebSphere Application Server Hypervisor 8.5.5.6 and IBM WebSphere Application Server Liberty Profile 8.5.5.6. Vulnerability Details CVEID: CVE-2015-0226 DESCRIPTION: Apache WSS4J could...
Information Disclosure
Zendframework and zend-crypt are vulnerable to information disclosure attacks. The library uses the default php $padding which is vulnerable to Bleichenbacher's chosen-ciphertext attack that can be used to decrypt arbitrary ciphertext...
Fedora 23 : php-ZendFramework2 / php-zendframework-zendxml (2016-8952105d59)
" 2.4.10 2016-05-09 - Fix HeaderValue throwing an exception on legal characters 2.4.9 2015-11-23 SECURITY UPDATES - ZF2015-09: Zend\Captcha\Word generates a 'word' for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this vulnerability announcement, the...
Fedora 22 : php-ZendFramework2 / php-zendframework-zendxml (2016-03c0ed3127)
" 2.4.10 2016-05-09 - Fix HeaderValue throwing an exception on legal characters 2.4.9 2015-11-23 SECURITY UPDATES - ZF2015-09: Zend\Captcha\Word generates a 'word' for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this vulnerability announcement, the...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.0 update
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact...
OpenSSL 0.9.8 < 0.9.8u / 1.0.0 < 1.0.0h Multiple Vulnerabilities
Binary data 6400.prm...