In Botan 1.11.29 up to and including 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
botan project botan 1.11.32 |
||
botan project botan 1.11.30 |
||
botan project botan 1.11.31 |
||
botan project botan 1.11.29 |