Количество 7
Количество 7
CVE-2024-23170
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.
CVE-2024-23170
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.
CVE-2024-23170
CVE-2024-23170
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3 ...
openSUSE-SU-2024:0037-1
Security update for mbedtls
GHSA-w2fw-qqqw-v63m
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.
BDU:2024-01340
Уязвимость программного обеспечения Mbed TLS, существующая из-за временного бокового канала в частных операциях RSA, позволяющая нарушителю реализовать атаку Марвина (Marvin) и получить доступ к конфиденциальной информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-23170 An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | CVE-2024-23170 An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | CVSS3: 5.5 | 0% Низкий | около 1 года назад | |
| CVE-2024-23170 An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3 ... | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | openSUSE-SU-2024:0037-1 Security update for mbedtls | 0% Низкий | около 2 лет назад | |
| GHSA-w2fw-qqqw-v63m An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | BDU:2024-01340 Уязвимость программного обеспечения Mbed TLS, существующая из-за временного бокового канала в частных операциях RSA, позволяющая нарушителю реализовать атаку Марвина (Marvin) и получить доступ к конфиденциальной информации | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу