CVE-2024-13176 | OpenSSL up to 3.4.0 ECDSA Signature covert timing channel

Inserito da Angelo Barbosa | Gen 20, 2025 | CVE

A vulnerability, which was classified as problematic, was found in OpenSSL up to 3.4.0. This affects an unknown part of the component ECDSA Signature Handler. The manipulation leads to covert timing channel.

This vulnerability is uniquely identified as CVE-2024-13176. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-13176 | OpenSSL up to 3.4.0 ECDSA Signature covert timing channel

Post correlati

CVE-2024-43748 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69)

CVE-2023-45316 | Mattermost up to 7.8.14/8.1.5/9.0.3/9.1.2/9.2.1 Telemetry Run ID path traversal

CVE-2025-0561 | itsourcecode Farm Management System 1.0 /add-pig.php pigno sql injection

CVE-2024-44056 | CryoutCreations Mantra Plugin up to 3.3.2 on WordPress cross site scripting