Skip to main content

Cryptlib

2 CVEs product

Monthly

CVE-2024-0202 MEDIUM This Month

A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib is compiled with the support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Cryptlib
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2018-12433 MEDIUM POC This Month

cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Cryptlib
NVD
CVSS 3.1
4.9
EPSS
0.3%
EPSS 0% CVSS 5.9
MEDIUM This Month

A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib is compiled with the support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Cryptlib
NVD
EPSS 0% CVSS 4.9
MEDIUM POC This Month

cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Cryptlib
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy