Cross site request forgery (csrf)

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglesavesettingscallback function. This makes it possible for unauthenticated attackers to change...

Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2016-1061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in nettle affects PowerKVM

Summary PowerKVM is affected by a vulnerability in nettle. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-6489 DESCRIPTION: Nettle could allow a remote attacker to obtain sensitive information, caused by a cache-related side channel attack in the RSA and DSA...

GLSA-201706-21 : nettle: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201706-21 nettle: Information disclosure It was found that nettles RSA and DSA decryption code was vulnerable to cache-related side channel attacks. See the referenced technical paper Cache Attacks Enable Bulk Key Recovery on the...

EulerOS 2.0 SP1 : nettle (EulerOS-SA-2016-1061)

According to the versions of the nettle packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languagesC+...

nettle security update

CentOS Errata and Security Advisory CESA-2016:2582 An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : nettle (ELSA-2016-2582)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2582 advisory. - Use a cache-silent version of mpzpowm to prevent cache-timing attacks against RSA and DSA in shared VMs. 1364897,CVE-2016-6489 Tenable has extracted...

RHEL 7 : nettle (RHSA-2016:2582)

An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RedHat Update for nettle RHSA-2016:2582-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: nettle security and bug fix update

An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2016-6489

It was found that nettle's RSA and DSA decryption code was vulnerable to cache-related side channel attacks. An attacker could use this flaw to recover the private key from a co-located virtual-machine instance...