
2927 matches found

Ubuntu
added 2024/02/27 2:12 a.m. | 55 views

USN-6662-1: OpenJDK 21 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

CVSS: 7.4 | AI score: 7.2 | EPSS: 0.00911
Exploits: 0

OSV
added 2024/02/27 2:12 a.m. | 11 views

USN-6662-1 openjdk-21 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

CVSS: 7.4 | AI score: 7.1 | EPSS: 0.00911
Exploits: 0 | References: 6

OSV
added 2024/02/26 11:20 a.m. | 6 views

SUSE-SU-2024:0619-1 Security update for java-1_8_0-ibm

This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01026
Exploits: 0 | References: 17

RedHat Linux
added 2024/02/26 2:23 a.m. | 4 views

OpenSC: Side-channel leaks while stripping encryption PKCS#1 padding

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVSS: 5.9 | AI score: 5.7 | EPSS: 0.01156
Exploits: 1 | References: 6

RedHat Linux
added 2024/02/26 2:19 a.m. | 2 views

OpenSC: Side-channel leaks while stripping encryption PKCS#1 padding

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVSS: 5.9 | AI score: 5.7 | EPSS: 0.01156
Exploits: 1 | References: 6

Oracle linux
added 2024/02/26 12:00 a.m. | 40 views

opensc security update

0.20.0-8 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding...

CVSS: 5.9 | AI score: 7 | EPSS: 0.01156
Exploits: 1

Oracle linux
added 2024/02/26 12:00 a.m. | 33 views

opensc security update

0.23.0-4 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding...

CVSS: 5.9 | AI score: 7 | EPSS: 0.01156
Exploits: 1

AlmaLinux
added 2024/02/26 12:00 a.m. | 28 views

Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Side-channel leaks while stripping...

CVSS: 5.9 | AI score: 7.3 | EPSS: 0.01156
Exploits: 1 | References: 4

AlmaLinux
added 2024/02/26 12:00 a.m. | 36 views

Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Side-channel leaks while stripping...

CVSS: 5.9 | AI score: 7.3 | EPSS: 0.01156
Exploits: 1 | References: 4

Tenable Nessus
added 2024/02/26 12:00 a.m. | 31 views

Oracle Linux 9 : opensc (ELSA-2024-0966)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0966 advisory. 0.23.0-4 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding Tenable has extracted the preceding description block directly from...

CVSS: 5.9 | AI score: 6.6 | EPSS: 0.01156
Exploits: 1 | References: 2

OSV
added 2024/02/26 12:00 a.m. | 32 views

ALSA-2024:0967 Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Side-channel leaks while stripping...

CVSS: 5.9 | AI score: 6 | EPSS: 0.01156
Exploits: 1 | References: 4

Tenable Nessus
added 2024/02/26 12:00 a.m. | 28 views

RHEL 9 : opensc (RHSA-2024:0966)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0966 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operation...

CVSS: 5.9 | AI score: 6.7 | EPSS: 0.01156
Exploits: 1 | References: 5

OSV
added 2024/02/23 3:31 p.m. | 4 views

SUSE-SU-2024:0605-1 Security update for java-1_8_0-ibm

This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01026
Exploits: 0 | References: 17

Veracode
added 2024/02/21 7:07 p.m. | 24 views

Timing Side Channel Attack

NodeJS is vulnerable to a Timing Side Channel Attack. The vulnerability is caused by a defect in the privateDecrypt API of the crypto library during PKCS1 v1.5 padding error handling, where there are significant timing differences in decryption for valid and invalid ciphertexts. An attacker can...

CVSS: 7.4 | AI score: 6.5 | EPSS: 0.01302
Exploits: 0 | References: 2 | Affected Software: 1

Veracode
added 2024/02/20 8:47 p.m. | 20 views

Side-Channel Attack

opensc is vulnerable to a Side-Channel Attack. The vulnerability is due to the lack of side-channel resistance in the removal of PKCS1 encryption padding, which leads to unauthorized disclosure or potential leakage of private data...

CVSS: 5.9 | AI score: 6.6 | EPSS: 0.01156
Exploits: 1 | References: 10 | Affected Software: 1

RedhatCVE
added 2024/02/16 5:21 p.m. | 69 views

CVE-2023-46809

A flaw was found in Node.js. The privateDecrypt API of the crypto library may allow a covert timing side-channel during PKCS1 v1.5 padding error handling. This issue revealed significant timing differences in decryption for valid and invalid ciphertexts, which may allow a remote attacker to decry...

CVSS: 5.9 | AI score: 7.3 | EPSS: 0.01302
Exploits: 0 | References: 3

Positive Technologies
added 2024/02/12 12:00 a.m. | 3 views

PT-2024-2706

Name of the Vulnerable Software and Affected Versions: Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched Description: The issue is related to the use of hidden side channels in the PrivateDecrypt function of th...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.87211
Exploits: 4 | References: 204

Cvelist
added 2024/02/09 10:25 p.m. | 22 views

CVE-2023-6935 Marvin Attack vulnerability in SP Math All RSA

wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, a new variation of a timing Bleichenbacher-style attack, when built with the following options to configure: --enable-all CFLAGS="-DWOLFSSL_STATIC_RSA" The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is n...

CVSS: 5.9 | AI score: 5.8 | EPSS: 0.00539
Exploits: 0 | References: 2

Debian CVE
added 2024/02/09 10:25 p.m. | 316 views

CVE-2023-6935

wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, a new variation of a timing Bleichenbacher-style attack, when built with the following options to configure: --enable-all CFLAGS="-DWOLFSSL_STATIC_RSA" The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is n...

CVSS: 5.9 | AI score: 5.6 | EPSS: 0.00539
Exploits: 0

Tenable Nessus
added 2024/02/08 12:00 a.m. | 23 views

Fedora 38 : gnutls (2024-c43a6cc3f8)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c43a6cc3f8 advisory. Rebase gnutls to version 3.8.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.01614
Exploits: 2 | References: 4