漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)
Vulnerability Description
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
Crypt-OpenSSL-RSA 安全漏洞
Vulnerability Description
Crypt-OpenSSL-RSA是Todd Rinaldo个人开发者的一个库。 Crypt-OpenSSL-RSA存在安全漏洞,该漏洞源于存在基于计时的侧信道缺陷,该缺陷足以在 Bleichenbacher 式攻击中通过网络恢复明文。
CVSS Information
N/A
Vulnerability Type
N/A