iPXE TLS tls.c tls_new_ciphertext information exposure

...

iPXE Information Disclosure Vulnerability

iPXE is iPXE open source a network bootstrap program . An information disclosure vulnerability exists in versions of iPXE prior to iPXE 2022.11.08 that affects the tlsnewciphertext function in the component TLS src/net/tls.c file and can be exploited by an attacker to obtain sensitive information...

Design/Logic Flaw

A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tlsnewciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument padlen leads to information exposure through discrepancy. The name of the patch is...

CVE-2022-4087 iPXE TLS tls.c tls_new_ciphertext information exposure

A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tlsnewciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument padlen leads to information exposure through discrepancy. The name of the patch is...

CVE-2022-4087

A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tlsnewciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument padlen leads to information exposure through discrepancy. The name of the patch is...

CVE-2022-4087

The CVE-2022-4087 entry concerns iPXE and affects the TLS component (src/net/tls.c, function tls_new_ciphertext). The vulnerability arises from manipulating the pad_len argument, leading to information exposure through discrepancy. Public sources in the connected documents identify the issue and ...

CVE-2022-4087

A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tlsnewciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument padlen leads to information exposure through discrepancy. The name of the patch is...