CVE-2023-33850

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-33850

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-33850.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-33850

Downstream

SUSE-SU-2024:0605-1

SUSE-SU-2024:0619-1

Related

Published

2023-08-22T21:15:07.837Z

Modified

2026-02-15T07:47:02.706229Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information.

References

Affected packages

Git / github.com/ipython/ipython

Affected ranges

Type: GIT
Repo: https://github.com/ipython/ipython
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

bd470fe8cea36d6b1c65820e3e9fdb26d26ad422

Affected versions

1.*

1.0.0a1

3.*

3.0.0-dev

4.*

4.0.0

4.1.0

4.1.0rc1

4.1.0rc2

5.*

5.0.0

5.0.0b1

5.0.0b2

5.0.0b3

5.0.0b4

5.0.0rc1

5.1.0

6.*

6.0.0

6.0.0rc1

6.1.0

6.2.0

6.3.0

7.*

7.0.0

7.0.0-doc

7.0.0b1

7.0.0rc1

7.0.1

7.1.0

7.1.1

7.10.0

7.10.1

7.11.0

7.11.1

7.12.0

7.2.0

7.3.0

7.4.0

7.5.0

7.6.0

7.6.1

7.7.0

7.8.0

7.9.0

8.*

8.0.0

8.0.0a1

8.0.0b1

8.0.0rc1

8.1.0

dev-0.*

dev-0.11

rel-0.*

rel-0.11

rel-0.12

rel-0.13

rel-0.8.4

rel-0.9

rel-0.9.1

rel-1.*

rel-1.0.0

rel-2.*

rel-2.0.0

rel-3.*

rel-3.0.0

rel-4.*

rel-4.0.0

rel-4.0.0b1

rel-4.1.0

rel-4.1.0rc2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-33850.json"