Lucene search
K

7 matches found

OSV
OSV
added 2023/11/28 11:28 p.m.479 views

GHSA-C38W-74PG-36HR Marvin Attack: potential key recovery through timing sidechannels

Impact Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. Patches No patch is yet available, however work is underway to migrate...

5.9CVSS5.2AI score0.00605EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/11/28 11:28 p.m.394 views

Marvin Attack: potential key recovery through timing sidechannels

Impact Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. Patches No patch is yet available, however work is underway to migrate...

5.9CVSS6.3AI score0.00605EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2023/11/28 11:28 p.m.465 views

Marvin Attack: potential key recovery through timing sidechannels

The Marvin Attack is a timing sidechannel vulnerability which allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed withthe private key. A recent survey of RSA implementations found that the Rust rsa...

7AI score
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/28 8:57 p.m.379 views

CVE-2023-49092 RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...

5.9CVSS6.5AI score0.00605EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/28 8:57 p.m.168 views

CVE-2023-49092 RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...

5.9CVSS5.6AI score0.00605EPSS
Exploits0References2
RustSec
RustSec
added 2023/11/22 12:0 p.m.4 views

Marvin Attack: potential key recovery through timing sidechannels

Impact Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. Patches No patch is yet available, however work is underway to migrate...

5.9CVSS6.5AI score0.00605EPSS
Exploits0
OSV
OSV
added 2023/11/22 12:0 p.m.462 views

RUSTSEC-2023-0071 Marvin Attack: potential key recovery through timing sidechannels

Impact Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. Patches No patch is yet available, however work is underway to migrate...

5.9CVSS5.2AI score0.00605EPSS
Exploits0References5
Rows per page
Query Builder