Open mend-bolt-for-github[bot] opened 1 year ago
TLS/SSL and crypto library
Library home page: https://github.com/openssl/openssl.git
Found in HEAD commit: 6f719838d9678f70a4cef9975b0651b5074efe7c
Found in base branch: master
/bn_lib.c
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Publish Date: 2018-11-15
URL: CVE-2018-5407
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
Release Date: 2018-11-15
Fix Resolution: OpenSSL_1_1_0i,OpenSSL_1_1_1
Step up your Open Source Security Game with Mend here
CVE-2018-5407 - Medium Severity Vulnerability
TLS/SSL and crypto library
Library home page: https://github.com/openssl/openssl.git
Found in HEAD commit: 6f719838d9678f70a4cef9975b0651b5074efe7c
Found in base branch: master
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Publish Date: 2018-11-15
URL: CVE-2018-5407
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
Release Date: 2018-11-15
Fix Resolution: OpenSSL_1_1_0i,OpenSSL_1_1_1
Step up your Open Source Security Game with Mend here