Lucene search
K

22 matches found

Amazon
Amazon
added 2024/06/12 12:0 a.m.22 views

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 Affected Packages: opensc Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...

5.9CVSS5.9AI score0.01156EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.23 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2024:1625-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1625-1 advisory. - CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS1 padding bsc1219386 Tenable has extracted the preceding...

5.9CVSS6.8AI score0.01156EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.17 views

Fedora 40 : opensc (2024-3dbc3e8105)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3dbc3e8105 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.31 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opensc (SUSE-SU-2024:1402-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1402-1 advisory. - CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS1 padding bsc1219386 Tenable has...

5.9CVSS6.8AI score0.01156EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.31 views

Fedora 38 : opensc (2024-b92d44f141)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.33 views

Fedora 39 : opensc (2024-6460a03e29)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.34 views

AlmaLinux 8 : opensc (ALSA-2024:0967)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:0967 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may result in the potential...

5.9CVSS6.5AI score0.01156EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.40 views

Oracle Linux 8 : opensc (ELSA-2024-0967)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0967 advisory. 0.20.0-8 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding Tenable has extracted the preceding description block directly from...

5.9CVSS6.6AI score0.01156EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.29 views

RHEL 9 : opensc (RHSA-2024:0966)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0966 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operation...

5.9CVSS6.7AI score0.01156EPSS
Exploits1References5
NVD
NVD
added 2024/01/31 2:15 p.m.12 views

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

5.9CVSS5.4AI score0.01156EPSS
Exploits1References10
Cvelist
Cvelist
added 2024/01/31 2:5 p.m.23 views

CVE-2023-5992 Opensc: side-channel leaks while stripping encryption pkcs#1 padding

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

5.6CVSS5.8AI score0.01156EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2024/01/31 2:5 p.m.19 views

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

5.9CVSS5.5AI score0.01156EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2024/01/31 12:0 a.m.25 views

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

5.9CVSS6.8AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.46 views

SUSE SLES11 Security Update : openssl1 (SUSE-SU-2019:14171-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14171-1 advisory. - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases,...

4.7CVSS6.7AI score0.03838EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.23 views

SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14174-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14174-1 advisory. - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases,...

4.7CVSS6.7AI score0.03838EPSS
Exploits0References7
Amazon
Amazon
added 2020/03/23 12:0 a.m.70 views

Important: openssl

Issue Overview: Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a grou...

4.7CVSS6.6AI score0.03838EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.43 views

EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1274)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...

4.7CVSS6.7AI score0.03838EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.38 views

EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218)

According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in th...

5.9CVSS6.6AI score0.12154EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.66 views

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2264)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it...

4.7CVSS6.6AI score0.03838EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/09/10 5:15 p.m.52 views

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

4.7CVSS6.8AI score0.01188EPSS
Exploits0References5
Rows per page
Query Builder