6 matches found
The vulnerability of the dsa_sign_setup function in the OpenSSL library, which relates to the disclosure of protected information, allows attackers to circumvent cryptographic mechanisms used for encryption protection.
The vulnerability of the dsasignsetup function in the OpenSSL library is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to circumvent the cryptographic mechanisms used for encryption protection...
SUSE: Security Advisory (SUSE-SU-2018:2089-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2452-2)
This update for libgcrypt fixes the following issues : The following security vulnerability was addressed : CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed: Extended the fipsdrv dsa-sign and dsa-verify...
Security update for libgcrypt (moderate)
This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-veri...
OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.2i. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2i advisory. - Multiple memory leaks in t1lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to...
ALPINE-CVE-2016-2178
The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...