Количество 7
Количество 7
CVE-2017-9526
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
CVE-2017-9526
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
CVE-2017-9526
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
CVE-2017-9526
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session ke ...
openSUSE-SU-2017:1700-1
Security update for libgcrypt
SUSE-SU-2017:1608-1
Security update for libgcrypt
GHSA-665h-28h9-qh6v
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-9526 In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. | CVSS3: 5.9 | 1% Низкий | больше 8 лет назад |
 | CVE-2017-9526 In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. | CVSS3: 5.9 | 1% Низкий | больше 8 лет назад |
 | CVE-2017-9526 In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. | CVSS3: 5.9 | 1% Низкий | больше 8 лет назад |
| CVE-2017-9526 In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session ke ... | CVSS3: 5.9 | 1% Низкий | больше 8 лет назад |
 | openSUSE-SU-2017:1700-1 Security update for libgcrypt | 1% Низкий | больше 8 лет назад | |
| SUSE-SU-2017:1608-1 Security update for libgcrypt | 1% Низкий | больше 8 лет назад | |
| GHSA-665h-28h9-qh6v In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. | CVSS3: 5.9 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу