Lucene search
K

6 matches found

Snyk
Snyk
added 2023/07/21 11:57 a.m.2 views

Insecure Randomness

Overview Affected versions of this package are vulnerable to Insecure Randomness. If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value whe...

9.1CVSS9.1AI score0.00541EPSS
Exploits0References2
OSV
OSV
added 2023/07/17 10:15 p.m.3 views

DEBIAN-CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

8.8CVSS8.3AI score0.00541EPSS
Exploits0References1
OSV
OSV
added 2023/07/17 10:15 p.m.7 views

AZL-27649 CVE-2023-3724 affecting package mariadb for versions less than 10.6.9-3.cm2

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

8.8CVSS7.5AI score0.00541EPSS
Exploits0References1
Prion
Prion
added 2023/07/17 10:15 p.m.22 views

Input validation

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

6.5CVSS8.7AI score0.00541EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/07/17 10:15 p.m.1 views

UBUNTU-CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS6AI score0.00541EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/17 9:13 p.m.12 views

CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS9.4AI score0.00541EPSS
Exploits0References2
Rows per page
Query Builder