Name of the Vulnerable Software and Affected Versions: AsymmetriCrypt (affected versions not specified)

Description: The issue is related to a padding oracle vulnerability, specifically the Bleichenbacher's attack, which was disclosed in 1998. This vulnerability affects the encryption and decryption process due to the incorrect use of padding, allowing an attacker to retrieve the encrypted content. The OPENSSL PKCS1 PADDING version, also known as PKCS v1.5, is vulnerable, as it is the default padding used when utilizing openssl * methods. In contrast, PKCS v2.0, also referred to as OAEP, is not vulnerable.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.