{"id":"CVE-2018-0734","details":"The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).","modified":"2026-04-16T01:37:54.266993469Z","published":"2018-10-30T12:29:00.257Z","related":["SUSE-FU-2022:0445-1","SUSE-SU-2018:3863-1","SUSE-SU-2018:3864-1","SUSE-SU-2018:3864-2","SUSE-SU-2018:3866-1","SUSE-SU-2018:3945-1","SUSE-SU-2018:3964-1","SUSE-SU-2018:3989-1","SUSE-SU-2018:4001-1","SUSE-SU-2018:4068-1","SUSE-SU-2018:4274-1","SUSE-SU-2019:0117-1","SUSE-SU-2019:0395-1","SUSE-SU-2019:1553-1","openSUSE-SU-2019:1547-1","openSUSE-SU-2019:1814-1","openSUSE-SU-2024:11126-1","openSUSE-SU-2024:11127-1"],"references":[{"type":"WEB","url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=43e6a58d4991a451daf4891ff05a48735df871ac"},{"type":"WEB","url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8abfe72e8c1de1b95f50aa0d9134803b4d00070f"},{"type":"WEB","url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ef11e19d1365eea2b1851e6f540a0bf365d303e7"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/105758"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2304"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3700"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"type":"ADVISORY","url":"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20181105-0002/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190118-0002/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190423-0002/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3840-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4348"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4355"},{"type":"ADVISORY","url":"https://www.openssl.org/news/secadv/20181030.txt"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"ADVISORY","url":"https://www.tenable.com/security/tns-2018-16"},{"type":"ADVISORY","url":"https://www.tenable.com/security/tns-2018-17"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nodejs/node","events":[{"introduced":"6b1c40be84fbe5ea404f25e4e340a0c1fe67a60a"},{"fixed":"b6589e3d9be963b29a8559bf7b272b54284fe1bc"},{"introduced":"cea049bcf8bb0f9a6e0095dbd5dffdb14dc8f71b"},{"fixed":"00fb73a72eff0e90d0f85b95dbcfc3c21f89cff9"},{"introduced":"f76ce0a75641991bfc235775a4747c978e0e281b"},{"fixed":"39716a8835a0ba61683974aef70e05ce7f8e414a"}]}],"versions":["v11.0.0","v11.1.0","v11.2.0","v6.10.0","v6.10.1","v6.10.2","v6.10.3","v6.11.0","v6.11.1","v6.11.2","v6.11.3","v6.11.4","v6.11.5","v6.12.0","v6.12.1","v6.12.2","v6.12.3","v6.13.0","v6.13.1","v6.14.0","v6.14.1","v6.14.2","v6.14.3","v6.14.4","v6.9.0","v6.9.1","v6.9.2","v6.9.3","v6.9.4","v6.9.5","v8.10.0","v8.11.0","v8.11.1","v8.11.2","v8.11.3","v8.11.4","v8.12.0","v8.13.0","v8.9.0","v8.9.1","v8.9.2","v8.9.3","v8.9.4"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-0734.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}