rpm package
opensuse/mbedtls&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/mbedtls&distro=openSUSE%20Leap%2015.5
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23170 | Med | 5.5 | < 2.28.7-bp155.2.3.1 | 2.28.7-bp155.2.3.1 | Jan 31, 2024 | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages |
- affected < 2.28.7-bp155.2.3.1fixed 2.28.7-bp155.2.3.1
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages