CVE-2012-0390
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2012-0390
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-0390.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2012-0390
- Downstream
- Related
- Published
- 2012-01-06T01:55:01Z
- Modified
- 2025-08-09T19:01:28Z
- Summary
- [none]
- Details
-
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108.
- References