Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2018-0734

UNKNOWN

Published 2018-10-30T12:00:00Z

Actions:

No CVSS data available

Description

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

OpenSSL

Affected Versions:

Fixed in OpenSSL 1.1.1a (Affected 1.1.1) Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i) Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p)

References

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://usn.ubuntu.com/3840-1/

https://www.debian.org/security/2018/dsa-4355

https://security.netapp.com/advisory/ntap-20181105-0002/

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8abfe72e8c1de1b95f50aa0d9134803b4d00070f

https://www.tenable.com/security/tns-2018-17

https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/

https://www.tenable.com/security/tns-2018-16

http://www.securityfocus.com/bid/105758

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ef11e19d1365eea2b1851e6f540a0bf365d303e7

https://www.debian.org/security/2018/dsa-4348

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=43e6a58d4991a451daf4891ff05a48735df871ac

https://www.openssl.org/news/secadv/20181030.txt

https://security.netapp.com/advisory/ntap-20190118-0002/

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://security.netapp.com/advisory/ntap-20190423-0002/

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html

https://access.redhat.com/errata/RHSA-2019:2304

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/

https://access.redhat.com/errata/RHSA-2019:3700

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://access.redhat.com/errata/RHSA-2019:3932

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpuapr2020.html

Published: 2018-10-30T12:00:00Z

Last Modified: 2024-09-16T23:10:36.543Z

Copied to clipboard!