PT-2026-29590

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

PT-2023-35629 · Apache · Apache Poi

Name of the Vulnerable Software and Affected Versions: Apache POI affected versions not specified Description: A security exception occurs in the javax.crypto.spec.SecretKeySpec constructor, which is called by org.apache.poi.poifs.crypt.binaryrc4.BinaryRC4Decryptor.initCipherForBlock. This issue ...