Lucene search
K

30 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Multiple NSS NIST curves were vulnerable to a side-channel attack known as “Minerva”. This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox versions less than 121...

4.3CVSS6.3AI score0.00714EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: gnutls (CVE-2024-28834)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28834 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic...

5.3CVSS5.5AI score0.00718EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : gnutls-3.7.6-23.el9_3.4 (AXSA:2024-7696:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7696:05 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : gnutls-3.6.16-8.el8_9.3.ML.1 (AXSA:2024-7683:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7683:04 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 Tenable has extracted the preceding description block directly from the MiracleLin...

5.3CVSS7AI score0.00718EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/07/07 12:59 p.m.2 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366. Backport mdless cms signing support jscPED-12895 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

6CVSS7.3AI score0.00361EPSS
Exploits0References6
OSV
OSV
added 2025/06/13 11:5 a.m.4 views

SUSE-SU-2025:20406-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 on PPC arch bsc1240366 - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136...

5.3CVSS6.7AI score0.00601EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/06/13 10:48 a.m.2 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

6CVSS7.3AI score0.00361EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2024/11/09 8:0 a.m.2 views

Gnutls: vulnerable to minerva side-channel information leak

...

5.3CVSS6.5AI score0.00718EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/09/19 12:18 p.m.4 views

nss: vulnerable to Minerva side-channel information leak

The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...

4.3CVSS6.8AI score0.00714EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/09/19 11:29 a.m.5 views

nss: vulnerable to Minerva side-channel information leak

The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...

4.3CVSS6.8AI score0.00714EPSS
Exploits0References8
OSV
OSV
added 2024/08/06 8:48 p.m.5 views

CLSA-2024-1722977316 nss: Fix of CVE-2023-6135

CVE-2023-6135: fix a vulnerability in NSS involving NIST curves susceptible to the "Minerva" side-channel attack, potentially allowing private key recovery...

4.3CVSS6.4AI score0.00714EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2024/05/06 1:4 p.m.31 views

gnutls security update

An update is available for gnutls. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls package provide the GNU Transport Layer Security GnuTLS library,...

5.3CVSS6.8AI score0.00718EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 1:43 p.m.38 views

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.38 views

Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...

5.3CVSS5.2AI score0.00718EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/04/25 12:0 a.m.26 views

RHEL 8 : gnutls (RHSA-2024:2044)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2044 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

5.3CVSS6.5AI score0.00718EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/23 2:42 p.m.36 views

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/18 2:25 a.m.231 views

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.3CVSS6.6AI score0.00718EPSS
Exploits0References3
OSV
OSV
added 2024/04/18 12:0 a.m.45 views

ALSA-2024:1879 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...

5.3CVSS5.9AI score0.00718EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2024/04/11 12:0 a.m.36 views

Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fixes: gnutls: vulnerable to Minerva side-channel...

5.3CVSS6.8AI score0.00718EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.2 views

GnuTLS 信息泄露漏洞

GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. An information disclosure vulnerability exists in GnuTLS that stems from the application's susceptibility to Minerva side-channel information disclosure...

5.3CVSS6AI score0.00718EPSS
Exploits0References9
Rows per page
Query Builder