Description
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form 7 Captcha Cross-Site Request Forgery (0.0.8)
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Scripting Vulnerabilities (5.4.8)
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
Drupal Other Vulnerability (CVE-2006-3570)
WordPress Plugin WP Login Security and History Cross-Site Request Forgery (1.0)