VYPR

Crypto

by Erlang

Source repositories

CVEs (2)

  • CVE-2019-3738Sep 18, 2019
    risk 0.00cvss epss 0.02

    RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

  • CVE-2011-0766May 31, 2011
    risk 0.00cvss epss 0.03

    The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.