VulnerableCode Package Details - pkg:conan/mbedtls@2.16.3-apache

Search for packages

Package details: pkg:conan/mbedtls@2.16.3-apache

Essentials
History (0)

purl	pkg:conan/mbedtls@2.16.3-apache
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-gcmg-8syc-aaaj Aliases: CVE-2020-16150	A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.	2.24.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version