FortiClient Vulnerability

Nodejs CVE-2016-2178 Information Disclosure Vulnerability

Description

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

Affected Applications

Nodejs

CVE References

CVE-2016-2178

Other References

https://nodejs.org/en/blog/vulnerability/

ID	73162
Created	Sep 04, 2022
Description Updated	Dec 15, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Node.js Foundation
Patch	manual
Application	Nodejs

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Nodejs CVE-2016-2178 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Nodejs CVE-2016-2178 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center