exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 15

BDU:2023-07001

больше 2 лет назад

Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений

CVSS3: 7.4

EPSS: Низкий

ROS-20240404-08

около 1 года назад

Уязвимость gnutls

CVSS3: 7.4

EPSS: Низкий

CVE-2023-0361

больше 2 лет назад

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

CVSS3: 7.4

EPSS: Низкий

CVE-2023-0361

больше 2 лет назад

CVSS3: 7.4

EPSS: Низкий

CVE-2023-0361

больше 2 лет назад

CVSS3: 7.4

EPSS: Низкий

CVE-2023-0361

больше 2 лет назад

CVSS3: 7.4

EPSS: Низкий

CVE-2023-0361

больше 2 лет назад

A timing side-channel in the handling of RSA ClientKeyExchange message ...

CVSS3: 7.4

EPSS: Низкий

SUSE-SU-2023:0610-1

больше 2 лет назад

Security update for gnutls

EPSS: Низкий

SUSE-SU-2023:0475-1

больше 2 лет назад

Security update for gnutls

EPSS: Низкий

RLSA-2023:1569

около 2 лет назад

Moderate: gnutls security and bug fix update

EPSS: Низкий

RLSA-2023:1141

больше 2 лет назад

Moderate: gnutls security and bug fix update

EPSS: Низкий

GHSA-5547-g9w2-52xj

больше 2 лет назад

CVSS3: 7.5

EPSS: Низкий

ELSA-2023-1569

около 2 лет назад

ELSA-2023-1569: gnutls security and bug fix update (MODERATE)

EPSS: Низкий

ELSA-2023-1141

больше 2 лет назад

ELSA-2023-1141: gnutls security and bug fix update (MODERATE)

EPSS: Низкий

SUSE-SU-2023:4952-1

больше 1 года назад

Security update for gnutls

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2023-07001 Уязвимость криптографической библиотеки транспортного уровня GnuTLS, связанная с различием времени ответа при обработке шифротекста RSA в сообщении ClientKeyExchange с корректным и некорректным добавочным заполнением PKCS#1, позволяющая нарушителю восстановить ключ для расшифровки сообщений	CVSS3: 7.4	3% Низкий	больше 2 лет назад
ROS-20240404-08 Уязвимость gnutls	CVSS3: 7.4	3% Низкий	около 1 года назад
CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.	CVSS3: 7.4	3% Низкий	больше 2 лет назад
CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.	CVSS3: 7.4	3% Низкий	больше 2 лет назад
CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.	CVSS3: 7.4	3% Низкий	больше 2 лет назад
CVE-2023-0361	CVSS3: 7.4	3% Низкий	больше 2 лет назад
CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange message ...	CVSS3: 7.4	3% Низкий	больше 2 лет назад
SUSE-SU-2023:0610-1 Security update for gnutls		3% Низкий	больше 2 лет назад
SUSE-SU-2023:0475-1 Security update for gnutls		3% Низкий	больше 2 лет назад
RLSA-2023:1569 Moderate: gnutls security and bug fix update		3% Низкий	около 2 лет назад
RLSA-2023:1141 Moderate: gnutls security and bug fix update		3% Низкий	больше 2 лет назад
GHSA-5547-g9w2-52xj A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.	CVSS3: 7.5	3% Низкий	больше 2 лет назад
ELSA-2023-1569 ELSA-2023-1569: gnutls security and bug fix update (MODERATE)			около 2 лет назад
ELSA-2023-1141 ELSA-2023-1141: gnutls security and bug fix update (MODERATE)			больше 2 лет назад
SUSE-SU-2023:4952-1 Security update for gnutls			больше 1 года назад

Уязвимостей на страницу