CVE-2021-37606

Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query whether there's a collision in the bottom bits of the hashes of two messages, as demonstrated by an attack against a long-running web service that allows the attacker to infer collisions by measuring timin...

PT-2021-21735 · Meow Hash · Meow Hash

Name of the Vulnerable Software and Affected Versions: Meow hash version 0.5/calico Description: The issue concerns a weakness in Meow hash 0.5/calico that allows an attacker to recover keys by querying whether there's a collision in the bottom bits of the hashes of two messages. This is...