Bleichenbacher Timing Attack

M2Crypto is vulnerable to Bleichenbacher Timing Attack. The vulnerability is due insecure padding schemes, resulting in the exposure of confidential or sensitive data...

Timing Attack

Cryptography is vulnerable to a Timing Attack. This vulnerability is due to the predictable structure of padding in ciphertexts during RSA encryption. This flaw enables an attacker to distinguish between different types of padding errors, potentially leading to the decryption of captured messages...

SUSE: Security Advisory (SUSE-SU-2024:0325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0325-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Updated to version 17.0.10 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...

SUSE CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

AZL-35077 CVE-2023-5992 affecting package opensc for versions less than 0.25.1-3

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

DEBIAN-CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

AZL-34088 CVE-2023-5992 affecting package opensc for versions less than 0.23.0-3

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

UBUNTU-CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992 Opensc: side-channel leaks while stripping encryption pkcs#1 padding

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

Summary: CVE-2023-5992 affects the OpenSC OpenSC library stack, where PKCS#1 encryption padding removal was not implemented in a side‑channel resistant way, potentially leaking private data. Multiple connected sources confirm vulnerable OpenSC versions (e.g., < 0.23.0-3; < 0.24.0-1.amzn2023...

CVE-2023-5992 Opensc: side-channel leaks while stripping encryption pkcs#1 padding

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

java-1.8.0-openjdk: Fix of 8 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop...

AZL-34206 CVE-2024-0914 affecting package opencryptoki 3.17.0-1

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key...

AZL-36965 CVE-2024-0914 affecting package opencryptoki for versions less than 3.24.0-3

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key...

UBUNTU-CVE-2024-0914

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key...