Back to search
CVE-2021-37606
Published: Jul 28, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query whether there's a collision in the bottom bits of the hashes of two messages, as demonstrated by an attack against a long-running web service that allows the attacker to infer collisions by measuring timing differences.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://news.ycombinator.com/item?id=27978878
x_refsource_MISC
https://peter.website/meow-hash-cryptanalysis
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now