HIGH🇬🇧 English

CVE-2023-6258

CVSS 8.1v3.1pub. 2024-01-30upd. 2024-11-21

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Latchset Pkcs11 Provider

    APP
    Latchset
    0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-50967HIGH7.5ten sam vendor

latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p...

CVE-2026-39373MEDIUM5.3ten sam vendor

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthentic...

CVE-2024-28102MEDIUM6.8ten sam vendor

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an att...

CVE-2023-6681MEDIUM5.3ten sam vendor

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack ...

CVE-2016-6298MEDIUM5.3ten sam vendor

The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random F...