Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2016-2178

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

  • Published: Jun 20, 2016
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-2178
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
openssl / openssl 1.0.1m 1.0.1m.x
openssl / openssl 1.0.2a 1.0.2a.x
openssl / openssl 1.0.1j 1.0.1j.x
openssl / openssl 1.0.1h 1.0.1h.x
openssl / openssl 1.0.2e 1.0.2e.x
openssl / openssl 1.0.1r 1.0.1r.x
openssl / openssl 1.0.2b 1.0.2b.x
openssl / openssl 1.0.1c 1.0.1c.x
openssl / openssl 1.0.1g 1.0.1g.x
openssl / openssl 1.0.2g 1.0.2g.x
openssl / openssl 1.0.1a 1.0.1a.x
openssl / openssl 1.0.2h 1.0.2h.x
openssl / openssl 1.0.1d 1.0.1d.x
openssl / openssl 1.0.1t 1.0.1t.x
openssl / openssl 1.0.2c 1.0.2c.x
openssl / openssl 1.0.1p 1.0.1p.x
openssl / openssl 1.0.1k 1.0.1k.x
openssl / openssl 1.0.1b 1.0.1b.x
openssl / openssl 1.0.1n 1.0.1n.x
openssl / openssl 1.0.1q 1.0.1q.x
openssl / openssl 1.0.1e 1.0.1e.x
openssl / openssl 1.0.1l 1.0.1l.x
openssl / openssl 1.0.1f 1.0.1f.x
openssl / openssl 1.0.1s 1.0.1s.x
openssl / openssl 1.0.1o 1.0.1o.x
openssl / openssl 1.0.2 1.0.2.x
openssl / openssl 1.0.2f 1.0.2f.x
openssl / openssl 1.0.1i 1.0.1i.x
openssl / openssl 1.0.1 1.0.1.x
openssl / openssl 1.0.2d 1.0.2d.x
oracle / solaris 11.3 11.3.x
oracle / linux 5 5.x
oracle / solaris 10 10.x
oracle / linux 6 6.x
oracle / linux 7 7.x
suse / linux_enterprise 12.0 12.0.x
nodejs / node.js 4.0.0 4.1.2.x
nodejs / node.js 0.12.0 0.12.16
nodejs / node.js 0.10.0 0.10.47
nodejs / node.js 4.2.0 4.6.0
nodejs / node.js 5.0.0 6.7.0
debian / debian_linux 8.0 8.0.x
canonical / ubuntu_linux 14.04 14.04.x
canonical / ubuntu_linux 16.04 16.04.x
canonical / ubuntu_linux 12.04 12.04.x