National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CVE Identifier: CVE-2014-0076
There are 1 matching records.
Vuln ID Summary CVSS Severity
CVE-2014-0076

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

Published: March 25, 2014; 09:25:21 AM -04:00
V2: 1.9 LOW