{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T14:20:10.544","vulnerabilities":[{"cve":{"id":"CVE-2018-0737","sourceIdentifier":"openssl-security@openssl.org","published":"2018-04-16T18:29:00.267","lastModified":"2024-11-21T03:38:50.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)."},{"lang":"es","value":"Se ha demostrado que el algoritmo de generación de claves RSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral de caché. Un atacante con acceso suficiente para montar ataques de sincronización de caché durante el proceso de generación de claves RSA podría recuperar la clave privada. Se ha solucionado en OpenSSL 1.1.0i-dev (afecta a 1.1.0-1.1.0h). Se ha solucionado en OpenSSL 1.0.2p-dev (afecta a 1.0.2b-1.0.2o)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.2b","versionEndIncluding":"1.0.2o","matchCriteriaId":"E14A0A5C-7968-4966-B32C-FAFB42644B4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndIncluding":"1.1.0h","matchCriteriaId":"BF986111-5DDB-4BC8-AF03-14626778AB23"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","matchCriteriaId":"9070C9D8-A14A-467F-8253-33B966C16886"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","source":"openssl-security@openssl.org"},{"url":"http://www.securityfocus.com/bid/103766","source":"openssl-security@openssl.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040685","source":"openssl-security@openssl.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3221","source":"openssl-security@openssl.org"},{"url":"https://access.redhat.com/errata/RHSA-2018:3505","source":"openssl-security@openssl.org"},{"url":"https://access.redhat.com/errata/RHSA-2019:3932","source":"openssl-security@openssl.org"},{"url":"https://access.redhat.com/errata/RHSA-2019:3933","source":"openssl-security@openssl.org"},{"url":"https://access.redhat.com/errata/RHSA-2019:3935","source":"openssl-security@openssl.org"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f","source":"openssl-security@openssl.org"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787","source":"openssl-security@openssl.org"},{"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html","source":"openssl-security@openssl.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","source":"openssl-security@openssl.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","source":"openssl-security@openssl.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","source":"openssl-security@openssl.org"},{"url":"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/","source":"openssl-security@openssl.org"},{"url":"https://security.gentoo.org/glsa/201811-21","source":"openssl-security@openssl.org"},{"url":"https://security.netapp.com/advisory/ntap-20180726-0003/","source":"openssl-security@openssl.org"},{"url":"https://securityadvisories.paloaltonetworks.com/Home/Detail/133","source":"openssl-security@openssl.org"},{"url":"https://usn.ubuntu.com/3628-1/","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3628-2/","source":"openssl-security@openssl.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3692-1/","source":"openssl-security@openssl.org"},{"url":"https://usn.ubuntu.com/3692-2/","source":"openssl-security@openssl.org"},{"url":"https://www.debian.org/security/2018/dsa-4348","source":"openssl-security@openssl.org"},{"url":"https://www.debian.org/security/2018/dsa-4355","source":"openssl-security@openssl.org"},{"url":"https://www.openssl.org/news/secadv/20180416.txt","source":"openssl-security@openssl.org","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"openssl-security@openssl.org"},{"url":"https://www.oracle.com/security-alerts/cpuapr2020.html","source":"openssl-security@openssl.org"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"openssl-security@openssl.org"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","source":"openssl-security@openssl.org"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","source":"openssl-security@openssl.org"},{"url":"https://www.tenable.com/security/tns-2018-12","source":"openssl-security@openssl.org"},{"url":"https://www.tenable.com/security/tns-2018-13","source":"openssl-security@openssl.org"},{"url":"https://www.tenable.com/security/tns-2018-14","source":"openssl-security@openssl.org"},{"url":"https://www.tenable.com/security/tns-2018-17","source":"openssl-security@openssl.org"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/103766","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040685","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3221","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2018:3505","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:3932","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:3933","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:3935","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/201811-21","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20180726-0003/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://securityadvisories.paloaltonetworks.com/Home/Detail/133","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://usn.ubuntu.com/3628-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3628-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3692-1/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://usn.ubuntu.com/3692-2/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2018/dsa-4348","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2018/dsa-4355","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.openssl.org/news/secadv/20180416.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/security-alerts/cpuapr2020.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.tenable.com/security/tns-2018-12","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.tenable.com/security/tns-2018-13","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.tenable.com/security/tns-2018-14","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.tenable.com/security/tns-2018-17","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}