rpm package
opensuse/mbedtls&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/mbedtls&distro=openSUSE%20Leap%2015.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-24119 | — | < 2.16.9-lp152.2.6.1 | 2.16.9-lp152.2.6.1 | Jul 14, 2021 | In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments th | ||
| CVE-2020-10932 | Med | 4.7 | < 2.16.9-lp152.2.3.1 | 2.16.9-lp152.2.3.1 | Apr 15, 2020 | An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by e |
- CVE-2021-24119Jul 14, 2021affected < 2.16.9-lp152.2.6.1fixed 2.16.9-lp152.2.6.1
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments th
- affected < 2.16.9-lp152.2.3.1fixed 2.16.9-lp152.2.3.1
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by e