Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.6 views

Azure Linux 3.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...

7.4CVSS8AI score0.59501EPSS
Exploits0References2
OSV
OSV
added 2023/02/08 8:15 p.m.6 views

AZL-13564 CVE-2023-0286 affecting package openssl for versions less than 1.1.1k-21

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.9AI score0.59501EPSS
Exploits0References1
Amazon
Amazon
added 2023/02/07 12:0 a.m.86 views

Important: openssl11

Issue Overview: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number o...

7.5CVSS7.4AI score0.59501EPSS
Exploits0
Amazon
Amazon
added 2023/02/07 12:0 a.m.67 views

Important: openssl

Issue Overview: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number o...

7.5CVSS7.2AI score0.59501EPSS
Exploits0
Rows per page
Query Builder