Lucene search
K

4 matches found

Snyk
Snyk
added 2024/06/06 2:26 p.m.4 views

Observable Timing Discrepancy

Overview Affected versions of this package are vulnerable to Observable Timing Discrepancy due to the handling of RSA premaster secrets when an invalid secret is received. An attacker can potentially observe timing differences by exploiting the additional processing performed when the premaster...

3.7CVSS6.9AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.4 views

SUSE CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic...

5.3CVSS7.1AI score0.07032EPSS
Exploits1References10
OSV
OSV
added 2021/07/15 2:15 p.m.2 views

DEBIAN-CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic...

6.5CVSS6.2AI score0.07032EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
added 2018/01/02 6:9 p.m.14 views

ROBOT attack against PAN-OS

ROBOT is an attack that affects the TLS RSA key exchange and could lead to decryption of captured sessions if the TLS server originally serving said captured session is still alive, vulnerable and using the same private key. PAN-89936 / CVE-2017-17841 While SSL Decryption and GlobalProtect are...

5.9CVSS7AI score0.02408EPSS
Exploits0References1
Rows per page
Query Builder