GHSA-p52g-cm5j-mjv4 · Severity: medium · Ecosystem: rust — openssl-src subject to Timing Oracle in RSA Decryption
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
Conclusion & alert: CVE-2022-4304 is rated Moderate Risk (62.4/100): CVSS Medium severity, with high exploitation likelihood (EPSS 16.20%, 97th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +15.98% over the last day, indicating growing attacker interest. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.22% | 16.20% | +15.98% |
| 2 | 2026-04-20 | 0.26% | 0.22% | -0.04% |
| 3 | 2026-03-04 | — | 0.26% | — |
Full EPSS history (32 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.9 | 3.1 | MEDIUM |
|
2.2 | 3.6 | [email protected] |
| 5.9 | 3.1 | MEDIUM |
|
2.2 | 3.6 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
GHSA-p52g-cm5j-mjv4 · Severity: medium · Ecosystem: rust — openssl-src subject to Timing Oracle in RSA Decryption
| vendor | priority | summary | link |
|---|---|---|---|
alpine
|
— | CVE-2022-4304: 2 source package rows (openssl, openssl1.1-compat); 93 state rows across 10 repos (3.17-community, 3.17-main, 3.18-community, 3.18-main, 3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-community, edge-main); fixed 10, open 83. | https://security.alpinelinux.org/vuln/CVE-2022-4304 |
debian
|
not yet assigned | CVE-2022-4304 not yet assigned priority: Debian including 1 source packages (openssl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. | https://security-tracker.debian.org/tracker/CVE-2022-4304 |
gentoo
|
normal | CVE-2022-4304: 1 GLSA(s) (202402-08), 1 atom(s) (dev-libs/openssl); latest impact normal. | https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2022-4304 |
redhat
|
medium | — | https://access.redhat.com/security/cve/CVE-2022-4304 |
suse
|
medium | CVE-2022-4304 severity moderate: SUSE including 667 source package names (0.23.0.3.2.527:libopenssl1_1-1.1.1d-150200.11.72.1, 0.23.0.3.2.527:libopenssl1_1-hmac-1.1.1d-150200.11.72.1, …), 1574 product×package rows across 343 product lines (Container bci/bci-base-fips, Container bci/bci-init, … (343 product lines)): Fixed 1356, Known Affected 129, Known Not Affected 59, Will Not Fix 30. | https://www.suse.com/security/cve/CVE-2022-4304/ |
ubuntu
|
medium | CVE-2022-4304 medium priority: Ubuntu including 4 source packages (edk2, nodejs, openssl, openssl1.0), 46 status rows across 13 suites (bionic, focal, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): not-affected 16, released 13, ignored 6, needs-triage 6, DNE 5. | https://ubuntu.com/security/CVE-2022-4304 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| openssl | openssl | >= 1.0.2, < 1.0.2zg | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| openssl | openssl | >= 1.1.1, < 1.1.1t | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| openssl | openssl | >= 3.0.0, < 3.0.8 | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| stormshield | endpoint_security | < 7.2.40 | cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:* |
| stormshield | sslvpn | < 3.2.1 | cpe:2.3:a:stormshield:sslvpn:*:*:*:*:*:*:*:* |
| stormshield | stormshield_network_security | >= 2.7.0, < 2.7.11 | cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* |
| stormshield | stormshield_network_security | >= 2.8.0, < 3.7.34 | cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* |
| stormshield | stormshield_network_security | >= 3.8.0, < 3.11.22 | cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* |
| stormshield | stormshield_network_security | >= 4.0.0, < 4.3.16 | cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* |
| stormshield | stormshield_network_security | >= 4.4.0, < 4.6.3 | cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* |