Security Advisory

CVE-2016-5430

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-09-03 20:00:00

Last updated 2024-08-06 01:00:59

Assigner redhat

State PUBLISHED

Description

The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).

← Browse all CVEs View on cve.org ↗