Описание
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | opensc | Affected | ||
| Red Hat Enterprise Linux 8 | opensc | Fixed | RHSA-2024:0967 | 26.02.2024 |
| Red Hat Enterprise Linux 9 | opensc | Fixed | RHSA-2024:0966 | 26.02.2024 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-203
https://bugzilla.redhat.com/show_bug.cgi?id=2248685OpenSC: Side-channel leaks while stripping encryption PKCS#1 padding
EPSS
Процентиль: 49%
0.00257
Низкий
5.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.6
ubuntu
около 2 лет назад
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.
CVSS3: 5.6
nvd
около 2 лет назад
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.
CVSS3: 5.9
msrc
почти 2 года назад
Opensc: side-channel leaks while stripping encryption pkcs#1 padding
CVSS3: 5.6
debian
около 2 лет назад
A vulnerability was found in OpenSC where PKCS#1 encryption padding re ...
EPSS
Процентиль: 49%
0.00257
Низкий
5.6 Medium
CVSS3