Headline
GHSA-944j-8ch6-rf6x: m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657
A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657
Moderate severity GitHub Reviewed Published Feb 5, 2024 to the GitHub Advisory Database • Updated Feb 5, 2024