9 matches found
CVE-2026-6291
Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...
CVE-2026-5419
A flaw was found in gnutls. The PKCS7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of...
EUVD-2026-33755
A flaw was found in gnutls. The PKCS7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of...
Security update for libcryptopp
This update for libcryptopp fixes the following issues: CVE-2023-50979: Fixed side-channel leakage during decryption with PKCS1v1.5 padding. bsc1218217 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:4310-1 Security update for libcryptopp
This update for libcryptopp fixes the following issues: - CVE-2023-50979: Fixed side-channel leakage during decryption with PKCS1v1.5 padding. bsc1218217...
OESA-2024-2148 fence-agents security update
A collection of executables to handle isolation "fencing" of possibly misbehaving hosts by the means of remote power management, blocking network, storage, or similar. They operate through a unified interface calling conventions devised for the original Red Hat clustering solution. Security Fixes...
UBUNTU-CVE-2023-50979
Crypto++ aka cryptopp through 8.9.0 has a Marvin side channel during decryption with PKCS1 v1.5 padding...
USN-4990-1: Nettle vulnerabilities
It was discovered that Nettle incorrectly handled RSA decryption. A remote attacker could possibly use this issue to cause Nettle to crash, resulting in a denial of service. CVE-2021-3580 It was discovered that Nettle incorrectly handled certain padding oracles. A remote attacker could possibly u...
PYSEC-2020-143
tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. In tlslite-ng before versions 0.7.6 and 0.8.0-alpha39, the code that performs decryption and padding check in RSA PKCS1 v1.5 decryption is data dependant. In particular, the code has multiple ways in...