Количество 15
Количество 15
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange message ...
SUSE-SU-2023:0610-1
Security update for gnutls
SUSE-SU-2023:0475-1
Security update for gnutls
RLSA-2023:1569
Moderate: gnutls security and bug fix update
RLSA-2023:1141
Moderate: gnutls security and bug fix update
GHSA-5547-g9w2-52xj
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
ELSA-2023-1569
ELSA-2023-1569: gnutls security and bug fix update (MODERATE)
ELSA-2023-1141
ELSA-2023-1141: gnutls security and bug fix update (MODERATE)
BDU:2023-07001
Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений
SUSE-SU-2023:4952-1
Security update for gnutls
ROS-20240404-08
Уязвимость gnutls
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
 | CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
| CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange message ... | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
 | SUSE-SU-2023:0610-1 Security update for gnutls | 4% Низкий | около 3 лет назад | |
| SUSE-SU-2023:0475-1 Security update for gnutls | 4% Низкий | около 3 лет назад | |
 | RLSA-2023:1569 Moderate: gnutls security and bug fix update | 4% Низкий | почти 3 года назад | |
| RLSA-2023:1141 Moderate: gnutls security and bug fix update | 4% Низкий | около 3 лет назад | |
| GHSA-5547-g9w2-52xj A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection. | CVSS3: 7.5 | 4% Низкий | около 3 лет назад |
| ELSA-2023-1569 ELSA-2023-1569: gnutls security and bug fix update (MODERATE) | почти 3 года назад | ||
| ELSA-2023-1141 ELSA-2023-1141: gnutls security and bug fix update (MODERATE) | около 3 лет назад | ||
 | BDU:2023-07001 Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений | CVSS3: 7.4 | 4% Низкий | около 3 лет назад |
| SUSE-SU-2023:4952-1 Security update for gnutls | больше 2 лет назад | ||
 | ROS-20240404-08 Уязвимость gnutls | CVSS3: 7.4 | 4% Низкий | почти 2 года назад |
Уязвимостей на страницу