Search for packages
| purl | pkg:deb/ubuntu/mbedtls@2.12.0-1 |
| Next non-vulnerable version | 2.16.4-1ubuntu2 |
| Latest non-vulnerable version | 2.16.4-1ubuntu2 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5kj3-xdpr-aaaf
Aliases: CVE-2019-18222 |
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. |
Affected by 0 other vulnerabilities. |
|
VCID-7mdz-n5xr-aaam
Aliases: CVE-2019-16910 |
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) |
Affected by 0 other vulnerabilities. |
|
VCID-sdw8-s8qf-aaac
Aliases: CVE-2018-19608 |
Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3s5y-zubs-aaab | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. |
CVE-2018-0498
|
| VCID-j24c-3huf-aaah | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. |
CVE-2018-0497
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|