Lucene search
+L

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2024-23170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could b...

5.5CVSS5.6AI score0.00312EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/28 12:0 a.m.12 views

CBL Mariner 2.0 Security Update: hvloader (CVE-2024-23170)

The version of hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23170 advisory. - An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channe...

5.5CVSS5.7AI score0.00312EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/11/27 9:27 p.m.28 views

CVE-2024-23170 affecting package hvloader for versions less than 1.0.1-6

CVE-2024-23170 affecting package hvloader for versions less than 1.0.1-6. An upgraded version of the package is available that resolves this issue...

5.5CVSS6.9AI score0.00312EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.18 views

openSUSE Security Advisory (openSUSE-SU-2024:0037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00312EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/01 12:0 a.m.26 views

openSUSE 15 Security Update : mbedtls (openSUSE-SU-2024:0037-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0037-1 advisory. - An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channe...

5.5CVSS5.7AI score0.00312EPSS
Exploits0References4
OSV
OSV
added 2024/01/31 7:32 p.m.9 views

OPENSUSE-SU-2024:0037-1 Security update for mbedtls

This update for mbedtls fixes the following issues: - Update to version 2.28.7: - Resolves CVE-2024-23170 boo1219336 - Update to 2.28.6: Changes: Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later license. Users may choose which license they take the code under. - Update to...

5.5CVSS6AI score0.00312EPSS
Exploits0References3
NVD
NVD
added 2024/01/31 8:15 a.m.20 views

CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS5.5AI score0.00312EPSS
Exploits0References5
OSV
OSV
added 2024/01/31 8:15 a.m.7 views

AZL-47697 CVE-2024-23170 affecting package hvloader for versions less than 1.0.1-6

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS6AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/01/31 8:15 a.m.1 views

DEBIAN-CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS5.5AI score0.00312EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/01/31 8:15 a.m.27 views

CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS6.1AI score0.00312EPSS
Exploits0References2
CVE
CVE
added 2024/01/31 12:0 a.m.138 views

CVE-2024-23170

Affected software: Mbed TLS 2.x (pre-2.28.7) and 3.x (pre-3.5.2). Root cause: Timing side-channel in RSA private operations. Impact: Local attacker could recover plaintext by sending a large number of messages for decryption, per the Everlasting ROBOT/Marvin Attack reference. Exploitation status:...

5.5CVSS5.3AI score0.00312EPSS
Exploits0References5Affected Software2
Debian CVE
Debian CVE
added 2024/01/31 12:0 a.m.69 views

CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS5.2AI score0.00312EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2024/01/31 12:0 a.m.8 views

Security update for mbedtls (moderate)

openSUSE Security Update: Security update for mbedtls Announcement ID: openSUSE-SU-2024:0037-1 Rating: moderate References: 1219336 Cross-References: CVE-2024-23170 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This update f...

5.5CVSS6.1AI score0.00312EPSS
Exploits0References1
Rows per page
Query Builder