Astra Linux – Vulnerability in nss
The NSS code used for checking PKCS#1 v1.5 was leaking information useful for launching Bleichenbacher-style attacks. Both the overall correctness of the padding and the length of the encrypted message were exposed through timing side-channels. By sending a large number of ciphertexts selected by...
CVE-2026-50268
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle...
CVE-2026-50268
In Steeltoe, the OAEP misconfiguration affects the package Steeltoe.Configuration.Encryption 4.0.0–4.1.0, where setting encrypt:rsa:algorithm=OAEP does not enable OAEP due to an incorrect BouncyCastle transformation string. As a result, OAEP is effectively PKCS#1 v1.5 padding, the same as DEFAULT...
OESA-2026-2612 nss security update
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security...
CVE-2026-40996 Inbound WS-Security allows RSA PKCS#1 v1.5 key transport by default
Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's safer default for validation RequestData. Inbound WS-Security decryption could therefore accept RSA PKCS#1 v1.5 (rsa-15) encrypted key material unless operators explicitly reconfigured the flag...
Linux Distros Unpatched Vulnerability : CVE-2026-33662
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - OP-TEE is a Trusted Execution Environment (TEE) designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology...
CVE-2026-33894 Forge has signature forgery in RSA-PKCS due to ASN.1 extra field
Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA-PKCS1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing "garbage" bytes within the ASN...
Improper Verification of Cryptographic Signature
Overview org.webjars.npm:node-forge is a WebJar for node-forge. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in ASN.1 structures during RSA signature verification. An attacker can bypass signature verification and inject forged signatures by...
Azure Linux 3.0 Security Update: opencryptoki (CVE-2024-0914)
The version of opencryptoki installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0914 advisory. - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RS...
CVE-1999-0007
Information from SSL-encrypted sessions via PKCS 1...
EUVD-1999-0007
Malware in sbrugna...
Medium: python-cryptography
Issue Overview: python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. (CVE-2020-25659) Affected Packages: python-cryptography Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Vis...
CLSA-2024-1734027856 nettle: Fix of CVE-2018-16869
Port side-channel silent functions from 3.4.1. Partial fix for CVE-2018-16869 - CVE-2018-16869: Add side-channel silent memory, math, PKCS#1, RSA functions - Added tests for side-channel silent implementations...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed fo...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups (D(HE)at attack) (bsc#1230698) Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed f...
The vulnerability of the openssl_private_decrypt() function in the PKCS#1 Padding Handler component of the PHP programming language interpreter allows an attacker to execute a Marvin attack.
The vulnerability of the openssl_private_decrypt() function in the PKCS#1 Padding Handler component of the PHP programming language interpreter is related to the use of an OpenSSL version that does not include the changes required by the RSA_PKCS1_IMPLICIT_REJECTION request. Exploiting this vulnerability...
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 v1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channe...
Observable Discrepancy
Overview BouncyCastle is a C# implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Observable Discrepancy due to the timing difference between exceptions thrown when processing RSA key exchange handshakes (a.k.a. Marvin). Note: The implemented fix mitigates t...