Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Opencryptoki ProjectOpencryptoki*

2 matches found

CVE
CVEadded 2024/01/31 4:53 a.m.222 views

CVE-2024-0914

The CVE-2024-0914 issue affects the opencryptoki package and arises from a timing side-channel while processing RSA PKCS#1 v1.5 padded ciphertexts, enabling potential unauthorized RSA ciphertext decryption or signing without the private key. Connected advisories show OpenCryptoki is affected in v...

5.9CVSS5.3AI score0.00422EPSS
CVE
CVEadded 2022/08/23 3:48 p.m.56 views

CVE-2021-3798

CVE-2021-3798 concerns a flaw in openCryptoki where the Soft token fails to validate EC keys created via C_CreateObject or derived with C_DeriveKey using ECDH public data. The underling issue allows a malicious user to extract the private key through an invalid-curve attack. Multiple connected so...

5.5CVSS5.1AI score0.00154EPSS