Lucene search
K

5 matches found

Snyk
Snyk
added 2026/03/03 8:7 p.m.2 views

Incorrect Calculation of Buffer Size

Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via incorrect interpretation of the length prefix in the PSK extension field during TLS 1.3 handshakes. An attacker can exhaust server resources and cause service disruption by sending repeated...

6.3CVSS5.8AI score
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/12/12 8:0 a.m.7 views

TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

...

9.1CVSS7.3AI score0.00541EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/12/22 4:15 a.m.7 views

CVE-2023-24609

Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB in RAM. With a large number of crafted TLS messages, the CPU...

7.5CVSS6AI score0.00731EPSS
Exploits1References3
OSV
OSV
added 2022/06/17 12:17 a.m.3 views

GHSA-JP3W-3Q88-34CF Miscomputation when performing AES encryption in rust-crypto

The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...

6.1AI score
Exploits0References3
OSV
OSV
added 2021/03/12 7:15 p.m.7 views

ALPINE-CVE-2021-20232

A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...

9.8CVSS6.8AI score0.03444EPSS
Exploits0References1
Rows per page
Query Builder