{"vulnerability": "CVE-2016-2178", "sightings": [{"uuid": "08e160a9-fdb0-4440-9270-f5f7ebb59d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-2178", "type": "seen", "source": "https://t.me/arpsyndicate/29", "content": "#ExploitObserverAlert\n\nCVE-2016-2178\n\nDESCRIPTION: Exploit Observer has 70 entries related to CVE-2016-2178. The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.\n\nFIRST-EPSS: 0.001350000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2023-11-09T12:43:45.000000Z"}]}