Lucene search
K

13 matches found

OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.16 views

Fedora: Security Advisory (FEDORA-2023-17bdd59177)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00262EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.12 views

Fedora: Security Advisory (FEDORA-2023-377bc1b17c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00262EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.38 views

Fedora 40 : firecracker / rust-aes-gcm (2023-377bc1b17c)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-377bc1b17c advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

5.5CVSS5.8AI score0.00262EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.20 views

openSUSE: Security Advisory for rage (SUSE-SU-2023:4060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5AI score0.00262EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/10/13 12:0 a.m.35 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rage-encryption (SUSE-SU-2023:4060-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4060-1 advisory. -CVE-2023-42811: chosen ciphertext attack possible against aes-gcm bsc1215657 update vendor.tar.zst to...

5.5CVSS6.1AI score0.00262EPSS
Exploits1References4
OSV
OSV
added 2023/10/12 8:5 a.m.4 views

SUSE-SU-2023:4060-1 Security update for rage-encryption

This update for rage-encryption fixes the following issues: -CVE-2023-42811: chosen ciphertext attack possible against aes-gcm bsc1215657 update vendor.tar.zst to contain aes-gcm = 0.10.3 - Update to version 0.9.2+0: CI: Ensure apt repository is up-to-date before installing build deps CI: Build...

5.5CVSS5.6AI score0.00262EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/10/03 12:0 a.m.16 views

Fedora 38 : firecracker / rust-aes-gcm (2023-98f44d1c4c)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-98f44d1c4c advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

5.5CVSS5.8AI score0.00262EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/10/02 12:0 a.m.20 views

Fedora 37 : firecracker / rust-aes-gcm (2023-bc40c7995e)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-bc40c7995e advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

5.5CVSS5.8AI score0.00262EPSS
Exploits1References2
CVE
CVE
added 2023/09/22 3:19 p.m.57 views

CVE-2023-42811

The CVE-2023-42811 issue affects the aes-gcm Rust crate (AES-GCM implementation). In versions before 0.10.3, decrypt_in_place_detached could expose the decrypted plaintext in the buffer after a tag verification failure, potentially enabling CCAs and full plaintext recovery depending on the progra...

5.5CVSS5AI score0.00262EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/22 3:19 p.m.3 views

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

4.7CVSS5AI score0.00262EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/09/22 3:19 p.m.60 views

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

4.7CVSS5.7AI score0.00262EPSS
Exploits1References5
OSV
OSV
added 2023/09/22 3:19 p.m.16 views

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

4.7CVSS5.6AI score0.00262EPSS
Exploits1References7
Circl
Circl
added 2023/09/21 10:54 p.m.6 views

CVE-2023-42811

creationtimestamp| type| source ---|---|--- 2023-09-21 22:54:07+00:00| published-proof-of-concept| https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq 2023-09-22 20:31:55+00:00| seen| https://t.me/cibsecurity/70953 2025-06-18 14:41:48+00:00| published-proof-of-concept|...

5.5CVSS6AI score0.00262EPSS
Exploits1References3
Rows per page
Query Builder