RustCrypto/RSA

Cargo Audit Medium Vulnerability Found

msmeraglia opened this issue · 1 comments

Crate:     rsa
Version:   0.9.6
Title:     Marvin Attack: potential key recovery through timing sidechannels
Date:      2023-11-22
ID:        RUSTSEC-2023-0071
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0071
Severity:  5.9 (medium)
Solution:  No fixed upgrade is available!

We are aware, this is in fact the repository that contains the vulnerable crate: it was originally filed as #19, and we are working on a fix in #394