41 matches found
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Matrix libolm 安全漏洞
Matrix libolm olm is a cryptographic library from the Matrix Foundation. A security vulnerability exists in Matrix libolm version 3.2.16 and earlier versions, which stems from vulnerability to cache timing attacks...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45191
Matrix libolm up to version 3.2.16 contains an AES implementation vulnerable to cache-timing attacks due to S-box usage in the SubWord step. This affects the libolm-based Olm library used by Matrix, with the caveat that affected products are noted as no longer supported by the maintainer. Connect...
CVE-2024-45192
CVE-2024-45192 affects Matrix libolm up to version 3.2.16. The issue is a cache-timing vulnerability caused by decoding group session keys with base64 in the libolm implementation of Olm, potentially exposing timing-related information. NOTE: the vulnerability targets products that are no longer ...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
Matrix libolm 安全漏洞
Matrix libolm olm is a cryptographic library from the Matrix Foundation. A security vulnerability exists in Matrix libolm version 3.2.16 and prior versions, which stems from the use of base64 when decoding group session keys, which may be subject to cache timing attacks...
CVE-2024-45191
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
BIT-VAULT-2023-25000 Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a...
GO-2023-1709 Cache-timing attacks in Shamir's secret sharing in github.com/hashicorp/vault
HashiCorp Vault's implementation of Shamir's secret sharing uses precomputed table lookups, and is vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a bru...
GHSA-VQ4H-9GHM-QMRR HashiCorp Vault's implementation of Shamir's secret sharing vulnerable to cache-timing attacks
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a...