3 matches found
The vulnerability of the dsa_sign_setup function in the OpenSSL library, which relates to the disclosure of protected information, allows attackers to circumvent cryptographic mechanisms used for encryption protection.
The vulnerability of the dsasignsetup function in the OpenSSL library is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to circumvent the cryptographic mechanisms used for encryption protection...
OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.2i. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2i advisory. - Multiple memory leaks in t1lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to...
ALPINE-CVE-2016-2178
The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...