MiracleLinux 8 : nss-3.90.0-4.el8_9 (AXSA:2024-7398:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7398:02 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

EUVD-2023-57703

Malicious code in bioql PyPI...

MGASA-2023-0130 Updated openssl packages fix security vulnerability

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

SUSE-SU-2023:0584-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534...

SUSE-SU-2022:3932-1 Security update for python-rsa

This update for python-rsa fixes the following issues: - CVE-2020-25658: Fixed bleichenbacher timing oracle attack against RSA decryption bsc1178676...

SUSE-SU-2021:2135-1 Security update for libnettle

This update for libnettle fixes the following issues: - CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext bsc1187060...

CVE-2020-25659

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

CVE-2016-8871

In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack...