PT-2015-7761 · Gnu+1 · Gnutls+1

Marcus Meissner

·

Publicado

2015-11-30

·

Atualizado

2020-01-09

·

CVE-2015-8313

CVSS v3.1

5.9

Média

VetorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions GnuTLS (affected versions not specified)
Description The issue concerns the incorrect validation of the first byte of padding in CBC modes by GnuTLS.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Side Channel Attack

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-203

Identificadores relacionados

CVE-2015-8313
DLA-364-1
DSA-3408-1
SUSE-SU-2016:0077-1
USN-2821-1

Produtos afetados

Gnutls
Suse