2018-10-29 14:29:00 2020-08-24 19:37:00

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
Oracle Vm virtualbox * * * * (not an official CPE) Oracle Vm virtualbox * * * * (not an official CPE) Oracle Tuxedo 12.1.1.0.0 * * * (not an official CPE) Oracle Secure global desktop 5.4 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 18.8 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management * * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 16.2 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 16.1 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 15.2 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 15.1 * * * (not an official CPE) Oracle Primavera p6 enterprise project portfolio management 8.4 * * * (not an official CPE) Oracle Peoplesoft enterprise peopletools 8.57 * * * (not an official CPE) Oracle Peoplesoft enterprise peopletools 8.56 * * * (not an official CPE) Oracle Peoplesoft enterprise peopletools 8.55 * * * (not an official CPE) Oracle Mysql * * * * (not an official CPE) Oracle Mysql * * * * (not an official CPE) Oracle Mysql * * * * (not an official CPE) Oracle Enterprise manager ops center 12.3.3 * * * (not an official CPE) Oracle Enterprise manager base platform 13.3.0.0.0 * * * (not an official CPE) Oracle Enterprise manager base platform 13.2.0.0.0 * * * (not an official CPE) Oracle Enterprise manager base platform 12.1.0.5.0 * * * (not an official CPE) Oracle Application server 1.0.1 * * * (not an official CPE) Oracle Application server 1.0.0 * * * (not an official CPE) Oracle Application server 0.9.8 * * * (not an official CPE) Oracle Api gateway 11.1.2.4.0 * * * (not an official CPE) Netapp Steelstore - * * * (not an official CPE) Netapp Snapdrive - * * * (not an official CPE) Netapp Snapdrive - * * * (not an official CPE) Netapp Smi-s provider - * * * (not an official CPE) Netapp Santricity smi-s provider - * * * (not an official CPE) Netapp Oncommand unified manager * * * * (not an official CPE) Netapp Oncommand unified manager * * * * (not an official CPE) Netapp Element software - * * * (not an official CPE) Netapp Cloud backup - * * * (not an official CPE) Nodejs Node.js * * * * (not an official CPE) Nodejs Node.js * * * * (not an official CPE) Openssl Openssl 1.1.1 * * * (not an official CPE) Openssl Openssl * * * * (not an official CPE)