The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
openssl openssl 1.1.1 |
||
openssl openssl |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
nodejs node.js 10.13.0 |
||
nodejs node.js |
||
netapp cn1610_firmware - |
||
netapp cloud backup - |
||
netapp oncommand unified manager |
||
netapp steelstore - |
||
netapp santricity smi-s provider - |
||
netapp element software - |
||
netapp snapdrive - |
||
netapp smi-s provider - |
||
oracle primavera p6 enterprise project portfolio management 16.2 |
||
oracle api gateway 11.1.2.4.0 |
||
oracle primavera p6 enterprise project portfolio management 15.1 |
||
oracle primavera p6 enterprise project portfolio management 16.1 |
||
oracle primavera p6 enterprise project portfolio management 15.2 |
||
oracle peoplesoft enterprise peopletools 8.55 |
||
oracle primavera p6 enterprise project portfolio management 8.4 |
||
oracle peoplesoft enterprise peopletools 8.56 |
||
oracle enterprise manager ops center 12.3.3 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle primavera p6 enterprise project portfolio management |
||
oracle primavera p6 enterprise project portfolio management 18.8 |
||
oracle mysql |
||
oracle secure global desktop 5.4 |
||
oracle vm virtualbox |
||
oracle enterprise manager base platform 13.2.0.0.0 |
||
oracle enterprise manager base platform 12.1.0.5.0 |
||
oracle tuxedo 12.1.1.0.0 |
||
oracle enterprise manager base platform 13.3.0.0.0 |
||
oracle application server 0.9.8 |
||
oracle application server 1.0.0 |
||
oracle application server 1.0.1 |
Vulmon