{"api_version":"1","generated_at":"2026-05-13T02:11:23+00:00","cve":"CVE-2016-6298","urls":{"html":"https://cve.report/CVE-2016-6298","api":"https://cve.report/api/cve/CVE-2016-6298.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-6298","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-6298"},"summary":{"title":"CVE-2016-6298","description":"The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).","state":"PUBLISHED","assigner":"redhat","published_at":"2016-09-01 23:59:01","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-200","n/a"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.securityfocus.com/bid/92729","name":"http://www.securityfocus.com/bid/92729","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"JWCrypto CVE-2016-6298 Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://github.com/latchset/jwcrypto/pull/66","name":"https://github.com/latchset/jwcrypto/pull/66","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"],"title":"Fix for CVE-2016-6298 by simo5 · Pull Request #66 · latchset/jwcrypto · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/latchset/jwcrypto/issues/65","name":"https://github.com/latchset/jwcrypto/issues/65","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"],"title":"CVE-2016-6298: Million Messages Attack vulnerability · Issue #65 · latchset/jwcrypto · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba","name":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Vendor Advisory"],"title":"CVE-2016-6298: Million Messages Attack mitigation · latchset/jwcrypto@eb5be5b · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2","name":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Release Security Release CVE-2016-6298 · latchset/jwcrypto · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-6298","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6298","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"6298","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"latchset","cpe5":"jwcrypto","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2016","cve_id":"6298","cve":"CVE-2016-6298","epss":"0.003650000","percentile":"0.584780000","score_date":"2026-05-06","updated_at":"2026-05-07 00:10:59"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T01:22:20.877Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/latchset/jwcrypto/issues/65"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/latchset/jwcrypto/pull/66"},{"name":"92729","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/92729"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-08-31T00:00:00.000Z","descriptions":[{"lang":"en","value":"The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-11-25T19:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/latchset/jwcrypto/issues/65"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/latchset/jwcrypto/pull/66"},{"name":"92729","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/92729"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2016-6298","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://github.com/latchset/jwcrypto/issues/65","refsource":"CONFIRM","url":"https://github.com/latchset/jwcrypto/issues/65"},{"name":"https://github.com/latchset/jwcrypto/pull/66","refsource":"CONFIRM","url":"https://github.com/latchset/jwcrypto/pull/66"},{"name":"92729","refsource":"BID","url":"http://www.securityfocus.com/bid/92729"},{"name":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2","refsource":"CONFIRM","url":"https://github.com/latchset/jwcrypto/releases/tag/v0.3.2"},{"name":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba","refsource":"CONFIRM","url":"https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba"}]}}}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2016-6298","datePublished":"2016-09-01T23:00:00.000Z","dateReserved":"2016-07-26T00:00:00.000Z","dateUpdated":"2024-08-06T01:22:20.877Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2016-09-01 23:59:01","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-200","n/a"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:latchset:jwcrypto:*:*:*:*:*:*:*:*","versionEndExcluding":"0.3.2","matchCriteriaId":"3D621897-7527-4674-BC69-A6C1C2D76D49"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"6298","Ordinal":"1","Title":"CVE-2016-6298","CVE":"CVE-2016-6298","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"6298","Ordinal":"1","NoteData":"The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).","Type":"Description","Title":"CVE-2016-6298"},{"CveYear":"2016","CveId":"6298","Ordinal":"2","NoteData":"2016-09-01","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"6298","Ordinal":"3","NoteData":"2016-11-25","Type":"Other","Title":"Modified"}]}}}