Medium severity5.3NVD Advisory· Published Aug 28, 2018· Updated Jun 17, 2026
CVE-2017-15423
CVE-2017-15423
Description
Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 63.0.3239.84-40.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.