Описание
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
Ссылки
- Third Party Advisory
- Issue TrackingPatch
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatch
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.9 Medium
CVSS3
Дефекты
Связанные уязвимости
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
A timing side-channel vulnerability has been discovered in the opencry ...
EPSS
5.9 Medium
CVSS3