GHSA-6qhq-g72j-7wvf

Опубликовано: 22 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 2.3

CVSS3: 4.3

Описание

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

Ссылки

EPSS

Процентиль: 2%

0.00013

Низкий

2.3 Low

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2025-11932

Дефекты

CWE-203

Связанные уязвимости

CVE-2025-11932

CVSS3: 4.3

ubuntu

3 месяца назад

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

CVE-2025-11932

CVSS3: 4.3

nvd

3 месяца назад

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

CVE-2025-11932

msrc

3 месяца назад

Timing Side-Channel in PSK Binder Verification

CVE-2025-11932

CVSS3: 4.3

debian

3 месяца назад

The server previously verified the TLS 1.3 PSK binder using a non-cons ...

EPSS

Процентиль: 2%

0.00013

Низкий

2.3 Low

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2025-11932

Дефекты

CWE-203