Erlang Information for VU#144389

TLS implementations may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

This vulnerability was assigned CVE-2017-1000385.

Vendor References

http://erlang.org/pipermail/erlang-questions/2017-November/094255.html

http://erlang.org/pipermail/erlang-questions/2017-November/094256.html
http://erlang.org/pipermail/erlang-questions/2017-November/094257.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.