JLSEC-2025-233 Padding oracle through timing of cipher error reporting
Vulnerability In symmetric encryption modes that involve padding, if an attacker can submit ciphertexts for decryption and learn whether the padding is valid, this provides partial information about the plaintext. If the attacker can also submit input that the victim encrypts together with a...