Lucene search
K

7 matches found

OSV
OSV
added 2018/07/28 5:29 p.m.2 views

ALPINE-CVE-2018-0498

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery for a CBC based ciphersuite via a cache-based side-channel attack...

4.7CVSS6.4AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2018/07/28 5:29 p.m.2 views

ALPINE-CVE-2018-0497

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...

5.9CVSS8.8AI score0.02674EPSS
Exploits0References1
CVE
CVE
added 2018/07/28 5:0 p.m.156 views

CVE-2018-0497

CVE-2018-0497 affects ARM mbed TLS prior to 2.12.0, prior to 2.7.5, and prior to 2.1.14. It enables remote partial plaintext recovery in CBC-based ciphersuites via a timing-based side-channel attack. The issue stems from an incorrect fix for CVE-2013-0169, specifically a wrong SHA-384 calculation...

5.9CVSS5.9AI score0.02674EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2018/07/28 5:0 p.m.55 views

CVE-2018-0498

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery for a CBC based ciphersuite via a cache-based side-channel attack...

4.7CVSS5AI score0.00373EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/07/28 5:0 p.m.70 views

CVE-2018-0497

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...

5.9CVSS6.1AI score0.02674EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/07/28 5:0 p.m.47 views

CVE-2018-0497

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...

5.9CVSS6.7AI score0.02674EPSS
Exploits0
OSV
OSV
added 2012/01/06 1:55 a.m.10 views

CVE-2012-0390

The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related...

7.8AI score
Exploits0References3
Rows per page
Query Builder