CVE-2024-3296

🗓️ 04 Apr 2024 13:47:24Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 75 Views

A timing-based side-channel vulnerability in rust-openssl packag

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2024-3296	3 Aug 202506:50	–	circl
CNNVD	rust-openssl 安全漏洞	4 Apr 202400:00	–	cnnvd
Cvelist	CVE-2024-3296 Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack	4 Apr 202413:47	–	cvelist
Debian CVE	CVE-2024-3296	4 Apr 202413:47	–	debiancve
EUVD	EUVD-2024-31886	3 Oct 202520:07	–	euvd
F5 Networks	K000139508: rust-openssl vulnerability CVE-2024-3296	3 May 202419:09	–	f5
NVD	CVE-2024-3296	4 Apr 202414:15	–	nvd
OSV	CVE-2024-3296	4 Apr 202414:15	–	osv
OSV	UBUNTU-CVE-2024-3296	4 Apr 202414:15	–	osv
Positive Technologies	PT-2024-25007 · Unknown +1 · Rust-Openssl +1	4 Apr 202400:00	–	ptsecurity

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "3.2.0",
        "lessThan": "*",
        "versionType": "semver"
      }
    ],
    "packageName": "rust-openssl",
    "collectionURL": "https://github.com/sfackler/rust-openssl/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "389-ds:1.4/389-ds-base",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "python3.12-cryptography",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "389-ds-base",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "keylime-agent-rust",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "python3.12-cryptography",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2024-3296
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

15 Apr 2026 00:35Current

5.4Medium risk

Vulners AI Score5.4

CVSS 3.15.9

EPSS0.00079

SSVC