Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-7440

Опубликовано: 13 дек. 2016
Источник: debian
EPSS Низкий

Описание

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mariadb-10.0fixed10.0.28-1package
mysql-5.7fixed5.7.16-1package
mysql-5.6fixed5.6.34-1package
mysql-5.5removedpackage
wolfsslfixed3.9.10+dfsg-1package

Примечания

  • Fixed in MariaDB 5.5.53, MariaDB 10.0.28

EPSS

Процентиль: 28%
0.00096
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-7440

CVSS3: 5.5
ubuntu
больше 8 лет назад

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

redhat логотип

CVE-2016-7440

CVSS3: 5.1
redhat
почти 9 лет назад

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

nvd логотип

CVE-2016-7440

CVSS3: 5.5
nvd
больше 8 лет назад

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

github логотип

GHSA-7x96-8fm7-rhwj

CVSS3: 5.5
github
больше 3 лет назад

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

suse-cvrf логотип

SUSE-SU-2016:2780-1

suse-cvrf
почти 9 лет назад

Security update for mysql

EPSS

Процентиль: 28%
0.00096
Низкий