CVE-2016-6298

MEDIUM

RSA <0.3.2 - Info Disclosure

Title source: llm

Description

The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).

References (5)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92729

[Issue Tracking, Patch, Vendor Advisory] https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba

[Issue Tracking, Vendor Advisory] https://github.com/latchset/jwcrypto/issues/65

[Issue Tracking, Patch] https://github.com/latchset/jwcrypto/pull/66

[Patch, Vendor Advisory] https://github.com/latchset/jwcrypto/releases/tag/v0.3.2

Scores

CVSS v3 5.3

EPSS 0.0037

EPSS Percentile 58.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (3)

latchset/jwcrypto < 0.3.2

pypi/jwcrypto < 0.3.2PyPI

n/a/n/a

Timeline

Published Sep 01, 2016

Tracked Since Feb 18, 2026