- Home
- CVEs with nessus.description==Neel Mehta discovered that OpenSSL incorrectly handled memory in the
TLS heartbeat extension. An attacker could use this issue to obtain up
to 64k of memory contents from the client or server, possibly leading
to the disclosure of private keys and other sensitive information.
(CVE-2014-0160)
Yuval Yarom and Naomi Benger discovered that OpenSSL incorrectly
handled timing during swap operations in the Montgomery ladder
implementation. An attacker could use this issue to perform
side-channel attacks and possibly recover ECDSA nonces.
(CVE-2014-0076).
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top