| Max CVSS | 5.8 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10846 | 1.9 |
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2018-10844 | 4.3 |
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2018-10845 | 4.3 |
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing dat
|
13-02-2023 - 04:50 | 22-08-2018 - 13:29 | |
| CVE-2020-11501 | 5.8 |
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes
|
21-07-2021 - 11:39 | 03-04-2020 - 13:15 |