rpm package
suse/putty&distro=SUSE Package Hub 15 SP5
pkg:rpm/suse/putty&distro=SUSE%20Package%20Hub%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31497 | — | < 0.81-bp155.2.6.1 | 0.81-bp155.2.6.1 | Apr 15, 2024 | In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by P | ||
| CVE-2023-48795 | Med | 5.9 | < 0.80-bp155.2.3.1 | 0.80-bp155.2.3.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end |
- CVE-2024-31497Apr 15, 2024affected < 0.81-bp155.2.6.1fixed 0.81-bp155.2.6.1
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by P
- affected < 0.80-bp155.2.3.1fixed 0.80-bp155.2.3.1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end