Description
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Easy Slideshow Multiple Cross-Site Request Forgery Vulnerabilities (1.0.3)
WordPress Plugin JTRT Responsive Tables SQL Injection (4.1)
SharePoint CVE-2020-1583 Vulnerability (CVE-2020-1583)
PrestaShop Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-13461)