Lucene search
K

5 matches found

Debian
Debian
added 2022/12/25 11:33 p.m.141 views

[SECURITY] [DLA 3249-1] mbedtls security update

Debian LTS Advisory DLA-3249-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 26, 2022 https://wiki.debian.org/LTS Package : mbedtls Version : 2.16.9-0deb10u1 CVE ID : CVE-2019-16910 CVE-2019-18222 CVE-2020-10932 CVE-2020-10941 CVE-2020-16150...

9.8CVSS6.5AI score0.02569EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2020/09/17 12:0 a.m.30 views

Fedora 31 : mbedtls (2020-48a1ae610c)

Update to 2.16.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

5.5CVSS6AI score0.00368EPSS
Exploits0References2
NVD
NVD
added 2020/09/02 4:15 p.m.14 views

CVE-2020-16150

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

5.5CVSS5.6AI score0.00368EPSS
Exploits0References6
OSV
OSV
added 2020/09/02 4:15 p.m.3 views

ALPINE-CVE-2020-16150

A Lucky 13 timing side channel in mbedtlsssldecryptbuf in library/sslmsg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...

5.5CVSS6.8AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2020/09/02 12:0 a.m.110 views

CVE-2020-16150

CVE-2020-16150 describes a Lucky 13 timing side-channel in mbedtls_ssl_decrypt_buf (library/ssl_msg.c) of Trusted Firmware Mbed TLS up to version 2.23.0. The side-channel arises from padding-length dependent timing in CBC mode, enabling an attacker to recover secret key information. The vulnerabi...

5.5CVSS5.4AI score0.00368EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder