Security Advisory

CVE-2021-37606

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-28 18:34:57
Last updated 2024-08-04 01:23:01
Assigner mitre
State PUBLISHED

Description

Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query whether theres a collision in the bottom bits of the hashes of two messages, as demonstrated by an attack against a long-running web service that allows the attacker to infer collisions by measuring timing differences.