Описание
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 3.13.0+dfsg-1 |
| cosmic | not-affected | 3.13.0+dfsg-1 |
| devel | not-affected | 3.13.0+dfsg-1 |
| disco | not-affected | 3.13.0+dfsg-1 |
| eoan | not-affected | 3.13.0+dfsg-1 |
| esm-apps/bionic | not-affected | 3.13.0+dfsg-1 |
| esm-apps/focal | not-affected | 3.13.0+dfsg-1 |
| esm-apps/jammy | not-affected | 3.13.0+dfsg-1 |
| esm-apps/noble | not-affected | 3.13.0+dfsg-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
EPSS
4.3 Medium
CVSS2
7.5 High
CVSS3