Search CVE reports



71 – 74 of 74 results


CVE-2007-6755

Low priority
Ignored

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might...

10 affected packages

openssl, mbedtls, openssl098, bouncycastle, gnutls26...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openssl Not affected
mbedtls Not affected
openssl098 Not in release
bouncycastle Not affected
gnutls26 Not in release
gnutls28 Not affected
libgcrypt11 Not in release
nss Not affected
polarssl Not in release
python-crypto Not affected

CVE-2013-5915

Medium priority
Ignored

The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.

2 affected packages

mbedtls, polarssl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mbedtls
polarssl

CVE-2013-4623

Medium priority
Ignored

The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to cause a denial of service...

2 affected packages

mbedtls, polarssl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mbedtls
polarssl

CVE-2013-1621

Medium priority

Some fixes available 1 of 8

Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a...

2 affected packages

polarssl, mbedtls

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
polarssl
mbedtls