CVE-2023-5992

Опубликовано: 28 нояб. 2023

Источник: redhat

CVSS3: 5.6

EPSS Низкий

Описание

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	opensc	Affected
Red Hat Enterprise Linux 8	opensc	Fixed	RHSA-2024:0967	26.02.2024
Red Hat Enterprise Linux 9	opensc	Fixed	RHSA-2024:0966	26.02.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-203

https://bugzilla.redhat.com/show_bug.cgi?id=2248685OpenSC: Side-channel leaks while stripping encryption PKCS#1 padding

EPSS

Процентиль: 43%

0.00206

Низкий

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2023-5992

CVSS3: 5.6

ubuntu

больше 1 года назад

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

CVE-2023-5992

CVSS3: 5.6

nvd

больше 1 года назад

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

CVE-2023-5992

CVSS3: 5.9

msrc

около 1 года назад

Описание отсутствует

CVE-2023-5992

CVSS3: 5.6

debian

больше 1 года назад

A vulnerability was found in OpenSC where PKCS#1 encryption padding re ...

SUSE-SU-2025:02754-1

suse-cvrf

6 дней назад

Security update for opensc

EPSS

Процентиль: 43%

0.00206

Низкий

5.6 Medium

CVSS3