Lucene search
Ubuntu.comUB:CVE-2017-12872HistorySep 01, 2017 - 12:00 a.m.
CVE-2017-12872
2017-09-0100:00:00
ubuntu.com
ubuntu.com
6
0.003 Low
EPSS
Percentile
69.8%
The (1) Htpasswd authentication source in the authcrypt module and (2)
SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow remote
attackers to conduct timing side-channel attacks by leveraging use of the
standard comparison operator to compare secret material against user input.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 16.04 | noarch | simplesamlphp | < any | UNKNOWN |
Related
prion
prion
Input validation
2017-09-01 21:29:00
veracode
veracode
Timing Attack
2017-08-21 14:22:05
osv
osv
CVE-2017-12872
2017-09-01 21:29:00
SimpleSAMLphp allows timing side-channel attacks
2022-05-14 01:04:04
simplesamlphp - security update
2018-06-29 00:00:00
cvelist
cvelist
CVE-2017-12872
2017-09-01 21:00:00
debiancve
debiancve
CVE-2017-12872
2017-09-01 21:29:00
github
github
SimpleSAMLphp allows timing side-channel attacks
2022-05-14 01:04:04
cve
cve
CVE-2017-12872
2017-09-01 21:29:00
friendsofphp
friendsofphp
Multiple timing side-channel issues
2017-03-17 09:34:24
debian
debian
[SECURITY] [DLA 1408-1] simplesamlphp security update
2018-06-29 21:10:46
[SECURITY] [DLA 1205-1] simplesamlphp security update
2017-12-12 10:13:42
openvas
openvas
Debian: Security Advisory (DLA-1408-1)
2018-07-09 00:00:00
Debian: Security Advisory (DLA-1205-1)
2023-03-08 00:00:00
nessus
nessus
Debian DLA-1408-1 : simplesamlphp security update
2018-07-02 00:00:00
Debian DLA-1205-1 : simplesamlphp security update
2017-12-13 00:00:00