Lucene search
K

4 matches found

Snyk
Snyk
added 2025/10/20 9:41 p.m.5 views

Timing Attack

Overview Affected versions of this package are vulnerable to Timing Attack via the mbedtlsmpimodinv or mbedtlsmpigcd functions. An attacker can recover sensitive information from RSA operations by performing a local timing analysis. Note: Applications that do not use RSA private keys and do not...

6.2CVSS6.1AI score0.00202EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.9 views

Vulnerability of the mbedtls_mpi_exp_mod() function in Mbed TLS software, which allows a perpetrator to disclose protected information

The vulnerability of the mbedtlsmpiexpmod function in the Mbed TLS software is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to disclose the protected information...

4.7CVSS5.4AI score0.00163EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/01 12:0 a.m.7 views

The vulnerability of the mbedtls_mpi_exp_mod function in implementations of TLS and SSL protocols allows a attacker to cause a service failure.

The vulnerability of the mbedtlsmpiexpmod function in TLS and SSL protocol implementations is related to the lack of data size limitations during calculations. Exploiting this vulnerability allows a remote attacker to cause service failures...

7.5CVSS7.2AI score0.0197EPSS
Exploits0References9Affected Software3
Positive Technologies
Positive Technologies
added 2020/12/02 12:0 a.m.4 views

PT-2020-6618 · Mbed Tls +2 · Mbed Tls +2

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 2.25.0 Mbed TLS versions prior to 2.16.9 LTS Mbed TLS versions prior to 2.7.18 LTS Description: The issue is related to the mbedtls mpi exp mod function in Mbed TLS, which lacks a limit on the size of data during...

9.8CVSS5.9AI score0.02569EPSS
Exploits6References86
Rows per page
Query Builder