Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.50 views

EUVD-2024-31886

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.00415EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2024/05/03 7:9 p.m.45 views

K000139508: rust-openssl vulnerability CVE-2024-3296

Security Advisory Description A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of tria...

5.9CVSS5.7AI score0.00415EPSS
Exploits0
OSV
OSV
added 2024/04/25 5:15 p.m.23 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS6.3AI score0.00516EPSS
Exploits0References4
NVD
NVD
added 2024/04/25 5:15 p.m.19 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS5.4AI score0.00516EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/25 4:45 p.m.280 views

CVE-2024-2467 Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS6.4AI score0.00516EPSS
Exploits0References4
NVD
NVD
added 2024/04/04 2:15 p.m.37 views

CVE-2024-3296

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS5.5AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2024/04/04 2:15 p.m.18 views

CVE-2024-3296

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS5.4AI score0.00415EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/04 1:47 p.m.24 views

CVE-2024-3296 Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS6.5AI score0.00415EPSS
Exploits0References2
CVE
CVE
added 2024/04/04 1:47 p.m.87 views

CVE-2024-3296

CVE-2024-3296 involves the rust-openssl crate and a timing-based side-channel that could permit plaintext recovery over a network via a Bleichenbacher-style attack on the legacy PKCS#1v1.5 padding. An attacker would need to send many trial decryptions to achieve success. The connected documents c...

5.9CVSS5.4AI score0.00415EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/04/04 1:47 p.m.17 views

CVE-2024-3296

Removed by vendor...

5.9CVSS5.8AI score0.00415EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/04/04 3:24 a.m.17 views

CVE-2024-3296

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS5.3AI score0.00415EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.20 views

CVE-2024-3296

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS6.2AI score0.00415EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.4 views

PT-2024-5167

Name of the Vulnerable Software and Affected Versions: perl-Crypt-OpenSSL-RSA affected versions not specified Description: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attac...

7.1CVSS5.7AI score0.00516EPSS
Exploits0References38
Veracode
Veracode
added 2023/11/21 8:1 a.m.19 views

Weak Encryption

upydev is vulnerable to Weak Encryption. The vulnerability is due to PKCS 1v1.5 padding used in the RSA algorithm. This could lead to a Bleichenbacher attack...

7.5CVSS6.9AI score0.00248EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2020/10/28 1:1 a.m.28 views

Insecure RSA Decryption (Bleichenbacher Timing Vulnerability)

cryptography is using insecure RSA Decryption and is vulnerable to Bleichenbacher Timing Vulnerability. When RSA decryption is used in online scenarios, it does not use RSA PKCS1v1.5 decryption with constant time, allowing an attacker to passively record traffic and later decrypt it...

5.9CVSS3.4AI score0.02454EPSS
Exploits0References5Affected Software5
Rows per page
Query Builder