9 matches found
BiliupApi (>=0.1.0 <=0.1.7), BrandoCulqi (=1.0.1) +335 more potentially affected by CVE-2023-49092 via rsa (>=0.1.2 <=0.8.2)
rsa CARGO version =0.1.2, =0.1.0, =1.0.0, =1.0.1, =0.0.1, =0.12.0, =0.5.0, =0.2.0, =0.1.0, =1.0.1, =0.1.0, =0.3.11, =0.3.21 and more Source cves: CVE-2023-49092 Source advisory: OSV:GHSA-C38W-74PG-36HR...
BiliupApi (>=0.1.0 <=0.1.7), BrandoCulqi (=1.0.1) +335 more potentially affected by CVE-2023-49092 via rsa (>=0.1.2 <=0.8.2)
rsa CARGO version =0.1.2, =0.1.0, =1.0.0, =1.0.1, =0.0.1, =0.12.0, =0.5.0, =0.2.0, =0.1.0, =1.0.1, =0.1.0, =0.3.11, =0.3.21 and more Source cves: CVE-2023-49092 Source advisory: OSV:GHSA-4GRX-2X9W-596C...
CVE-2023-49092 vulnerabilities
Vulnerabilities for packages: zed, vector, deno, atuin, sccache...
CVE-2023-49092
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...
CVE-2023-49092 RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...
CVE-2023-49092 RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...
CVE-2023-49092
The CVE-2023-49092 entry concerns RustCrypto/RSA, a pure Rust portable RSA implementation. The root cause is a non-constant-time implementation that leaks information about the private key through timing observations over the network. Practical impact is key recovery by an attacker who can observ...
CVE-2023-49092
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...
BiliupApi (>=0.1.0 <=0.1.7), BrandoCulqi (=1.0.1) +335 more potentially affected by CVE-2023-49092 via rsa (>=0.1.2 <=0.8.2)
rsa CARGO version =0.1.2, =0.1.0, =1.0.0, =1.0.1, =0.0.1, =0.12.0, =0.5.0, =0.2.0, =0.1.0, =1.0.1, =0.1.0, =0.3.11, =0.3.21 and more Source cves: CVE-2023-49092 Source advisory: OSV:RUSTSEC-2023-0071...