FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 18:22:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f4876dd4-9ca8-11e8-aa17-0011d823eebd	mbed TLS -- plaintext recovery vulnerabilities Simon Butcher reports: When using a CBC based ciphersuite, a remote attacker can partially recover the plaintext. When using a CBC based ciphersuite, an attacker with the ability to execute arbitrary code on the machine under attack can partially recover the plaintext by use of cache based side-channels. Discovery 2018-07-24 Entry 2018-08-10 mbedtls < 2.12 https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 CVE-2018-0497 CVE-2018-0498

VuXML ID

Description

f4876dd4-9ca8-11e8-aa17-0011d823eebd

mbed TLS -- plaintext recovery vulnerabilities

Simon Butcher reports:

When using a CBC based ciphersuite, a remote attacker can partially recover the plaintext.

When using a CBC based ciphersuite, an attacker with the ability to execute arbitrary code on the machine under attack can partially recover the plaintext by use of cache based side-channels.

Discovery 2018-07-24
Entry 2018-08-10
mbedtls

< 2.12

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
CVE-2018-0497
CVE-2018-0498