Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned, so the information cannot be provided.

Description The issue concerns CBC padding operations that were not constant time, potentially leaking the length of plaintext values to an attacker through side channel attacks via shared resources like cache or branch predictor. Although no contents were leaked, the length information could be used to make inferences about the contents. This affects TLS CBC ciphersuites and CBC encryption using PKCS7 or similar padding mechanisms. The unpadding operations were already constant time and are not affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.