Количество 15
Количество 15
GHSA-5547-g9w2-52xj
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange message ...
SUSE-SU-2023:0610-1
Security update for gnutls
SUSE-SU-2023:0475-1
Security update for gnutls
RLSA-2023:1569
Moderate: gnutls security and bug fix update
RLSA-2023:1141
Moderate: gnutls security and bug fix update
ELSA-2023-1569
ELSA-2023-1569: gnutls security and bug fix update (MODERATE)
ELSA-2023-1141
ELSA-2023-1141: gnutls security and bug fix update (MODERATE)
BDU:2023-07001
Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений
SUSE-SU-2023:4952-1
Security update for gnutls
ROS-20240404-08
Уязвимость gnutls
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-5547-g9w2-52xj A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.5 | 2% Низкий | почти 3 года назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
| CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange message ... | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
 | SUSE-SU-2023:0610-1 Security update for gnutls | 2% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0475-1 Security update for gnutls | 2% Низкий | почти 3 года назад | |
 | RLSA-2023:1569 Moderate: gnutls security and bug fix update | 2% Низкий | больше 2 лет назад | |
| RLSA-2023:1141 Moderate: gnutls security and bug fix update | 2% Низкий | больше 2 лет назад | |
| ELSA-2023-1569 ELSA-2023-1569: gnutls security and bug fix update (MODERATE) | больше 2 лет назад | ||
| ELSA-2023-1141 ELSA-2023-1141: gnutls security and bug fix update (MODERATE) | больше 2 лет назад | ||
 | BDU:2023-07001 Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений | CVSS3: 7.4 | 2% Низкий | почти 3 года назад |
| SUSE-SU-2023:4952-1 Security update for gnutls | почти 2 года назад | ||
 | ROS-20240404-08 Уязвимость gnutls | CVSS3: 7.4 | 2% Низкий | больше 1 года назад |
Уязвимостей на страницу