Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:49 a.m.29 views

CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. The fix uses gnutlsmemcmp, which has constant-time execution...

9.8CVSS6.7AI score0.00814EPSS
Exploits0References1
Circl
Circl
added 2024/02/11 4:26 a.m.6 views

CVE-2024-25714

creationtimestamp| type| source ---|---|--- 2024-02-11 04:26:23+00:00| seen| https://t.me/ctinow/182684...

9.8CVSS4.8AI score0.00814EPSS
Exploits0References1
NVD
NVD
added 2024/02/11 3:15 a.m.33 views

CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. The fix uses gnutlsmemcmp, which has constant-time execution...

9.8CVSS6.4AI score0.00814EPSS
Exploits0References1
OSV
OSV
added 2024/02/11 3:15 a.m.51 views

UBUNTU-CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. The fix uses gnutlsmemcmp, which has constant-time execution...

9.8CVSS5.8AI score0.00814EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/11 12:0 a.m.15 views

CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. The fix uses gnutlsmemcmp, which has constant-time execution...

6.7AI score0.00814EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/02/11 12:0 a.m.14 views

CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. The fix uses gnutlsmemcmp, which has constant-time execution...

9.8CVSS9.4AI score0.00814EPSS
Exploits0
Rows per page
Query Builder