6 matches found
CVE-2014-125055
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...
CVE-2014-125055
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...
Design/Logic Flaw
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...
CVE-2014-125055 agnivade easy-scrypt scrypt.go VerifyPassphrase timing discrepancy
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...
CVE-2014-125055
The CVE concerns the Go library agnivade/easy-scrypt. Affected is the VerifyPassphrase function in scrypt.go, where an observable timing discrepancy is introduced due to the underlying implementation flaw. Per multiple sources, upgrading to version 1.0.0 fixes the issue (patch: 477c10cf3b144ddf96...
Observable Timing Discrepancy
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is...