221 matches found
OPENSUSE-SU-2025:20059-1 Security update for ongres-scram
This update for ongres-scram fixes the following issues: - CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399...
SUSE-SU-2025:21016-1 Security update for ongres-scram
This update for ongres-scram fixes the following issues: - CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399...
SUSE SLES15 / openSUSE 15 Security Update : ongres-scram (SUSE-SU-2025:4054-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4054-1 advisory. - CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399 Tenable has extracted the preceding...
openSUSE Security Advisory (SUSE-SU-2025:4054-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for ongres-scram
This update for ongres-scram fixes the following issues: CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
SUSE-SU-2025:4054-1 Security update for ongres-scram
This update for ongres-scram fixes the following issues: - CVE-2025-59432: Fixed timing attack vulnerability in SCRAM Authentication bsc1250399...
ongres-scram-3.2-7.1 on GA media (moderate)
ongres-scram-3.2-7.1 on GA media Announcement ID: openSUSE-SU-2025:15680-1 Rating: moderate Cross-References: CVE-2025-59432 CVSS scores: CVE-2025-59432 SUSE : 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N CVE-2025-59432 SUSE : 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:...
OPENSUSE-SU-2025:15680-1 ongres-scram-3.2-7.1 on GA media
These are all security issues fixed in the ongres-scram-3.2-7.1 package on the GA media of openSUSE Tumbleweed...
Timing Attack
com.ongres.scram:scram-common is vulnerable to Timing Attack. The vulnerability is due to the use of Arrays.equals for comparing sensitive authentication values, which performs short-circuit evaluations and causes variable execution times, allowing an attacker to exploit timing differences to inf...
OESA-2025-2395 ongres-scram security update
Scram is part of the family of Simple Authentication and Security Layer authentication mechanisms.It is described as part of RFC 5802 and RFC7677. This pachage is a Java implementation. Security Fixes: SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple...
OESA-2025-2393 ongres-scram security update
Scram is part of the family of Simple Authentication and Security Layer authentication mechanisms.It is described as part of RFC 5802 and RFC7677. This pachage is a Java implementation. Security Fixes: SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple...
OESA-2025-2394 ongres-scram security update
Scram is part of the family of Simple Authentication and Security Layer authentication mechanisms.It is described as part of RFC 5802 and RFC7677. This pachage is a Java implementation. Security Fixes: SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple...
EUVD-2025-29670
Malicious code in bioql PyPI...
EUVD-2022-3246
Malicious code in bioql PyPI...
EUVD-2024-3603
Malicious code in bioql PyPI...
EUVD-2022-36217
Malicious code in bioql PyPI...
CVE-2025-59432
SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...
CVE-2025-59432 Timing Attack Vulnerability in SCRAM Authentication
SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...
CVE-2025-59432 Timing Attack Vulnerability in SCRAM Authentication
SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...
CVE-2025-59432 Timing Attack Vulnerability in SCRAM Authentication
SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...