The vulnerability of the PrivateDecrypt() function in the cryptographic library of the Node.js software platform, which allows a attacker to execute the Bleichenbacher attack or the Marvin attack.
The vulnerability of the PrivateDecrypt function in the Node.js software library is related to the use of hidden auxiliary channels due to a discrepancy in the timing of decrypting valid and invalid encrypted texts based on the PKCS1 v1.5 cryptographic standard. Exploiting this vulnerability allo...