
6 matches found

CNNVD
added 2026/03/16 12:0 a.m. | 3 views

Authlib Encryption Issue Vulnerability

Authlib is an open-source library developed by Authlib, designed as the ultimate Python library for building OAuth and OpenID Connect servers. Versions of Authlib prior to 1.6.9 contained a security vulnerability related to encryption. This vulnerability stemmed from a cryptographic padding mechani...

CVSS 8.3 | AI score 5.8 | EPSS 0.00016
Exploits: 1 | References: 4
Positive Technologies
added 2026/01/13 12:0 a.m. | 5 views

PT-2026-2495

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses padLeft(32, '0') when it should use padLeft(64, '0') because SHA-256 produces 32 bytes which equates to 64 hex characters. This vulnerability is fixed in 2.2...

CVSS 8.7 | AI score 6.8 | EPSS 0.00023
Exploits: 0 | References: 4
Positive Technologies
added 2026/01/01 12:0 a.m. | 3 views

PT-2026-25780

Name of the Vulnerable Software and Affected Versions: Authlib versions prior to 1.6.9. Description: Authlib, a Python library for building OAuth and OpenID Connect servers, contains a cryptographic padding oracle vulnerability in the implementation of the JSON Web Encryption (JWE) RSA1_5 key manageme...

CVSS 9.1 | AI score 5.8 | EPSS 0.00081
Exploits: 3 | References: 28
Veracode
added 2024/09/18 6:46 a.m. | 8 views

Padding Oracle Attack

org.apache.druid.extensions:druid-pac4j and org.apache.druid:druid-processing are vulnerable to a Padding Oracle Attack. The vulnerability is caused by improper handling of cryptographic padding in the druid-pac4j extension, which could allow an attacker to manipulate a pac4j session cookie...

CVSS 5.3 | AI score 5 | EPSS 0.00216
Exploits: 0 | References: 4 | Affected Software: 2
CNNVD
added 2023/12/05 12:0 a.m. | 1 views

Google Go Security Vulnerability

Google Go is a statically and strongly typed, compiled, concurrent, and garbage-collected programming language from Google. A security vulnerability exists in Google Go versions prior to 1.20, which stems from the fact that removing PKCS#1 padding can lead to the disclosure of timing information, which...

CVSS 7.5 | AI score 6.5 | EPSS 0.00185
Exploits: 0 | References: 6
OpenVAS
added 2010/09/29 12:0 a.m. | 238 views

Microsoft ASP.NET Information Disclosure Vulnerability (2418042)

This host is missing a critical security update according to Microsoft Bulletin MS10-070. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 6.4 | AI score 5 | EPSS 0.83598
Exploits: 2 | References: 5