Lucene search
K

93 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/06 12:0 a.m.24 views

Rocky Linux 8 : gnutls (RLSA-2024:1784)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:1784 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to...

5.3CVSS6.2AI score0.00718EPSS
Exploits0References2
Amazon
Amazon
added 2024/05/03 12:0 a.m.5 views

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeab...

5.3CVSS7.1AI score0.00718EPSS
Exploits0
Amazon
Amazon
added 2024/05/03 12:0 a.m.3 views

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeab...

5.3CVSS6.6AI score0.00718EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.25 views

Fedora 40 : gnutls (2024-f69ecb0511)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f69ecb0511 advisory. Rebase gnutls to version 3.8.5 ---- Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835 ---- Automatic update for...

5.3CVSS6.5AI score0.00718EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.30 views

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-591)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-591 advisory. A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios...

5.3CVSS6.2AI score0.00718EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/25 1:28 a.m.3 views

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.7AI score0.00718EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/23 2:42 p.m.3 views

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.7AI score0.00718EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 2:25 a.m.4 views

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.7AI score0.00718EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 1:56 a.m.7 views

python-ecdsa: vulnerable to the Minerva attack

A flaw was found in the ecdsa PyPI package, a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior may be...

7.4CVSS5.7AI score0.00977EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/04/15 12:0 a.m.32 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : GnuTLS vulnerabilities (USN-6733-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6733-1 advisory. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly us...

5.3CVSS6.5AI score0.00718EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/15 12:0 a.m.32 views

Oracle Linux 8 : gnutls (ELSA-2024-1784)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1784 advisory. 3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 ...

5.3CVSS6.4AI score0.00718EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/13 12:0 a.m.36 views

SUSE SLED15: gnutls / gnutls-guile / libgnutls-devel / libgnutls-devel-32bit / etc (SUSE-SU-2024:1271-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1271-1 advisory. - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fix...

5.3CVSS6.4AI score0.00718EPSS
Exploits0References8
OSV
OSV
added 2024/04/12 11:7 a.m.5 views

OESA-2024-1439 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

5.3CVSS7.1AI score0.00718EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.19 views

AlmaLinux 8 : gnutls (ALSA-2024:1784)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1784 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to...

5.3CVSS6.2AI score0.00718EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/11 4:9 p.m.5 views

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.7AI score0.00718EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/04/05 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2024-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.3AI score0.00718EPSS
Exploits0References4
Mageia
Mageia
added 2024/03/26 8:0 a.m.47 views

Updated gnutls packages fix security vulnerabilities

The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits,...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References2
NVD
NVD
added 2024/03/21 2:15 p.m.21 views

CVE-2024-28834

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS5.5AI score0.00718EPSS
Exploits0References15
OSV
OSV
added 2024/03/21 2:15 p.m.5 views

AZL-37109 CVE-2024-28834 affecting package gnutls for versions less than 3.8.3-2

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References1
OSV
OSV
added 2024/03/21 2:15 p.m.7 views

AZL-37084 CVE-2024-28834 affecting package gnutls for versions less than 3.7.11-1

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References1
Rows per page
Query Builder