rpm package
suse/erlang&distro=SUSE Enterprise Storage 4
pkg:rpm/suse/erlang&distro=SUSE%20Enterprise%20Storage%204
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000385 | Med | 5.9 | < 17.5.6-3.3.1 | 17.5.6-3.3.1 | Dec 12, 2017 | The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack). |
- affected < 17.5.6-3.3.1fixed 17.5.6-3.3.1
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack).