Lucene search
K

93 matches found

CVE
CVE
added 2024/01/22 11:9 p.m.160 views

CVE-2024-23342

The CVE-2024-23342 entry concerns the python-ecdsa package (pure-Python ECC implementation) with support for ECDSA/EdDSA/ECDH. Versions 0.18.0 and earlier are vulnerable to the Minerva attack. The available connected documents confirm that the vulnerability is tied to this package and note the ab...

7.4CVSS7.2AI score0.00977EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/01/22 11:9 p.m.72 views

CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.6AI score0.00977EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/01/22 11:9 p.m.11 views

CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.4AI score0.00977EPSS
Exploits1References4
OSV
OSV
added 2024/01/22 11:9 p.m.27 views

CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.3AI score0.00977EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2024/01/22 11:9 p.m.34 views

CVE-2024-23342

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.4AI score0.00977EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2024/01/22 11:9 p.m.28 views

CVE-2024-23342

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.3AI score0.00977EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.14 views

ecdsa Security Vulnerabilities

python-ecdsa is a signature verification plugin for Python. A security vulnerability exists in ecdsa 0.18.0 and earlier versions, which stems from vulnerability to Minerva attacks...

7.4CVSS6.7AI score0.00977EPSS
Exploits1References7
OSV
OSV
added 2024/01/11 3:8 a.m.6 views

USN-6562-2 firefox regressions

USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

6.1AI score0.20472EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/12/20 12:0 a.m.32 views

CVE-2023-6135

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...

4.3CVSS6.8AI score0.00714EPSS
Exploits0References6
OSV
OSV
added 2023/12/19 2:15 p.m.8 views

CVE-2023-6135

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...

4.3CVSS3.9AI score
Exploits0References3
OSV
OSV
added 2023/12/19 2:15 p.m.3 views

DEBIAN-CVE-2023-6135

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...

4.3CVSS6.3AI score0.00714EPSS
Exploits0References1
Mozilla
Mozilla
added 2023/12/19 12:0 a.m.152 views

Security Vulnerabilities fixed in Firefox 121 — Mozilla

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. Multiple NSS NIST curves were susceptible to a side-channel attack known as...

8.8CVSS9.1AI score0.20472EPSS
Exploits0References18Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/04 12:0 a.m.5 views

PT-2024-22602 · Gnutls +10 · Gnutls +10

Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A flaw was found in GnuTLS, known as the Minerva attack, which is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In...

7.5CVSS5.9AI score0.01614EPSS
Exploits2References111
Rows per page
Query Builder