PT-2023-29487

Name of the Vulnerable Software and Affected Versions Go versions prior to 1.20 Description The issue concerns the RSA-based TLS key exchanges in Go, which used the math/big library that is not constant time. Although RSA blinding was applied to prevent timing attacks, analysis suggests this may...

PT-2020-20211 · Linux Foundation +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes versions prior to v1.20.0-alpha2 Kubernetes versions 1.19.3 and earlier Kubernetes versions 1.18.10 and earlier Kubernetes versions 1.17.13 and earlier Description: In Kubernetes, if the logging level is set to at least 9,...