cve/CVE-2024-0553.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

1.9 KiB

Raw Permalink Blame History

CVE-2024-0553

Description

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

POC

Reference

No PoCs from references.

Github

https://github.com/GitHubForSnap/ssmtp-gael
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/fokypoky/places-list
https://github.com/testing-felickz/docker-scout-demo

1.9 KiB Raw Permalink Blame History

CVE-2024-0553

Description

POC

Reference

Github

1.9 KiB

Raw Permalink Blame History