Описание
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | deferred | |
| esm-infra-legacy/trusty | deferred | |
| esm-infra/bionic | deferred | |
| esm-infra/focal | deferred | |
| esm-infra/xenial | deferred | |
| focal | ignored | end of standard support, was deferred |
| jammy | deferred | |
| mantic | ignored | end of life, was deferred [2025-01-16] |
| noble | deferred | |
| oracular | ignored | end of life, was deferred |
Показывать по
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA ...
EPSS
5.9 Medium
CVSS3