A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is 477c10cf3b144ddf96526aa09f5fdea613f21812. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217596.
More Stories
USN-6751-1: Zabbix vulnerabilities
It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could...
USN-6752-1: FreeRDP vulnerabilities
It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious...
ruby-3.2.4-182.fc38
FEDORA-2024-48bdd3abbf Packages in this update: ruby-3.2.4-182.fc38 Update description: Upgrade to Ruby 3.2.4. Read More
ruby-3.2.4-182.fc39
FEDORA-2024-31cac8b8ec Packages in this update: ruby-3.2.4-182.fc39 Update description: Upgrade to Ruby 3.2.4. Read More
chromium-124.0.6367.78-1.el9
FEDORA-EPEL-2024-0c24da3136 Packages in this update: chromium-124.0.6367.78-1.el9 Update description: update to 124.0.6367.78 * Critical CVE-2024-4058: Type Confusion in ANGLE * High...
chromium-124.0.6367.78-1.fc38
FEDORA-2024-2c9be9d949 Packages in this update: chromium-124.0.6367.78-1.fc38 Update description: update to 124.0.6367.78 * Critical CVE-2024-4058: Type Confusion in ANGLE * High...