JLSEC-2026-681

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-681.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-681.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-681
Upstream
  • EUVD-2024-17290
  • GHSA-w782-gjg9-cjx6
Published
2026-07-14T21:41:35.775Z
Modified
2026-07-14T21:50:13.032851455Z
Severity
  • 4.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against...
Details

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500

Database specific
{
    "sources": [
        {
            "id": "CVE-2024-1543",
            "database_specific": {
                "status": "Analyzed"
            },
            "imported": "2026-07-14T21:22:48.795Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2024-1543",
            "modified": "2026-06-17T07:04:27.670Z",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1543",
            "published": "2024-08-29T23:15:10.067Z"
        },
        {
            "id": "GHSA-w782-gjg9-cjx6",
            "imported": "2026-07-14T21:22:59.163Z",
            "url": "https://api.github.com/advisories/GHSA-w782-gjg9-cjx6",
            "modified": "2024-09-04T15:31:38Z",
            "html_url": "https://github.com/advisories/GHSA-w782-gjg9-cjx6",
            "published": "2024-08-30T00:31:23Z"
        },
        {
            "id": "EUVD-2024-17290",
            "imported": "2026-07-14T21:22:52.789Z",
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2024-17290",
            "modified": "2024-08-30T14:19:32Z",
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-17290",
            "published": "2024-08-29T22:43:35Z"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / wolfSSL_jll

Package

Name
wolfSSL_jll
Purl
pkg:julia/wolfSSL_jll?uuid=98c43586-9870-5ae5-ab22-acc77b9bbdb5

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.2+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-681.json"