Adyen APIs Library for Python timing attack vulnerability

Adyen has utility methods for validating notification HMAC signatures. The isvalidhmac and isvalidhmacnotification methods are vulnerable to a timing attack, you should compare the hash of the HMACs instead...

SUSE-SU-2024:1447-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to version 3.23 jscPED-3360, jscPED-3361 EP11: Add support for FIPS-session mode CVE-2024-0914: Updates to harden against RSA timing attacks bsc1219217 Bug fixes - provide userpkcs11 and grouppkcs11 Upgrade to version...

SUSE-SU-2023:2047-1 Security update for openssl-ibmca

This update for openssl-ibmca fixes the following issues: - Fixed a timing-based side channel attack in RSA in the IBMCA engine openssl-ibmca...

GHSA-HRJM-C879-PP86 libsecp256k1 contains side-channel timing attack

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::checkoverflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::checkoverflow to execute in constant time...

OPENSUSE-SU-2020:0854-1 Security update for mozilla-nspr, mozilla-nss

This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53 - CVE-2020-12399: Fixed a timing attack on DSA signature generation bsc1171978. - CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. Release notes:...