cve/CVE-2024-3296.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

Description

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.

POC

Reference

No PoCs from references.

Github

https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/fkie-cad/nvd-json-data-feeds

1.0 KiB Raw Blame History

CVE-2024-3296

Description

POC

Reference

Github

1.0 KiB

Raw Blame History