CVEs with nessus.description==

Problem Description: When verifying a PKCS#1 v1.5 signature, OpenSSL
ignores any bytes which follow the cryptographic hash being signed. In
a valid signature there will be no such bytes.

Impact: OpenSSL will incorrectly report some invalid signatures as valid.
When an RSA public exponent of 3 is used, or more generally when a small
public exponent is used with a relatively large modulus (e.g., a public
exponent of 17 with a 4096-bit modulus), an attacker can construct a
signature which OpenSSL will accept as a valid PKCS#1 v1.5 signature.

Workaround: No workaround is available.

| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |

| ID | CVSS | Summary | Last (major) update | Published |