6 matches found
EUVD-2020-23857
Malware in sbrugna...
CVE-2020-36315
In RELIC before 2020-08-01, RSA PKCS1 v1.5 signature forgery can occur because certain checks of the padding and of the first two bytes are inadequate. NOTE: this requires that a low public exponent such as 3 is being used. The product, by default, does not generate RSA keys with such a low numbe...
CVE-2022-24771 Improper Verification of Cryptographic Signature in node-forge
Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses...
CVE-2020-36315
In RELIC before 2020-08-01, RSA PKCS1 v1.5 signature forgery can occur because certain checks of the padding and of the first two bytes are inadequate. NOTE: this requires that a low public exponent such as 3 is being used. The product, by default, does not generate RSA keys with such a low numbe...
Design/Logic Flaw
In RELIC before 2020-08-01, RSA PKCS1 v1.5 signature forgery can occur because certain checks of the padding and of the first two bytes are inadequate. NOTE: this requires that a low public exponent such as 3 is being used. The product, by default, does not generate RSA keys with such a low numbe...
py-rsa -- Bleichenbacher'06 signature forgery vulnerability
Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with low public exponent...