Cryptography is vulnerable to a Timing Attack. This vulnerability is due to the predictable structure of padding in ciphertexts during RSA encryption. This flaw enables an attacker to distinguish between different types of padding errors, potentially leading to the decryption of captured messages in TLS servers using RSA key exchanges, thus exposing sensitive data.
CPE | Name | Operator | Version |
---|---|---|---|
cryptography | le | 41.0.7 | |
cryptography | le | 41.0.7 |