Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-5981: cve-details

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

CVE
#vulnerability#red_hat

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Related news

Red Hat Security Advisory 2024-1082-03

Red Hat Security Advisory 2024-1082-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-0796-03

Red Hat Security Advisory 2024-0796-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-0627-03

Red Hat Security Advisory 2024-0627-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-0533-03

Red Hat Security Advisory 2024-0533-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-0399-03

Red Hat Security Advisory 2024-0399-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-0319-03

Red Hat Security Advisory 2024-0319-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Ubuntu Security Notice USN-6499-2

Ubuntu Security Notice 6499-2 - USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information.

Ubuntu Security Notice USN-6499-1

Ubuntu Security Notice 6499-1 - It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907