93 matches found
CVE-2024-23342
The CVE-2024-23342 entry concerns the python-ecdsa package (pure-Python ECC implementation) with support for ECDSA/EdDSA/ECDH. Versions 0.18.0 and earlier are vulnerable to the Minerva attack. The available connected documents confirm that the vulnerability is tied to this package and note the ab...
CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
CVE-2024-23342
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
CVE-2024-23342
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
ecdsa Security Vulnerabilities
python-ecdsa is a signature verification plugin for Python. A security vulnerability exists in ecdsa 0.18.0 and earlier versions, which stems from vulnerability to Minerva attacks...
USN-6562-2 firefox regressions
USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...
CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...
DEBIAN-CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121...
Security Vulnerabilities fixed in Firefox 121 — Mozilla
The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. Multiple NSS NIST curves were susceptible to a side-channel attack known as...
PT-2024-22602 · Gnutls +10 · Gnutls +10
Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A flaw was found in GnuTLS, known as the Minerva attack, which is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In...