Skip to content

RSA PKCS#1 v1.5 Padding Vulnerability

Critical
samrocketman published GHSA-mqw7-c5gg-xq97 Jan 13, 2026

Package

maven net.gleske:jervis (Maven)

Affected versions

< 2.2

Patched versions

2.2

Description

Vulnerability

jervis/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy

Lines 463 to 465 in 157d2b6

AsymmetricBlockCipher encrypt = new PKCS1Encoding(new RSAEngine())
encrypt.init(true, PublicKeyFactory.createKey(key_pair.public.encoded) as AsymmetricKeyParameter)
byte[] enciphered = encrypt.processBlock(plainbytes, 0, plainbytes.length)

jervis/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy

Lines 495 to 497 in 157d2b6

AsymmetricBlockCipher decrypt = new PKCS1Encoding(new RSAEngine())
decrypt.init(false, PrivateKeyFactory.createKey(key_pair.private.encoded) as AsymmetricKeyParameter)
decrypt.processBlock(cipherbytes, 0, cipherbytes.length)

Uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP (Optimal Asymmetric Encryption Padding).

Impact

Severity is considered low for internal uses of this library but if there's any consumer using these methods directly then this is considered critical.

An attacker with access to a decryption oracle (e.g., timing differences or error messages) could potentially decrypt ciphertext without knowing the private key.

Jervis uses RSA to encrypt AES keys in local-only storage inaccessible from the web. The data stored is GitHub App authentication tokens which will expire within one hour or less.

Patches

Jervis patch will migrate from PKCS1Encoding to OAEPEncoding.

Upgrade to Jervis 2.2.

Workarounds

None

References

Severity

Critical

CVE ID

CVE-2025-68698

Weaknesses

No CWEs