CVE-2016-7440

Source
https://cve.org/CVERecord?id=CVE-2016-7440
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7440.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-7440
Downstream
Related
Published
2016-12-13T16:59:10.190Z
Modified
2026-07-01T11:53:35.050774299Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "vendor_product": "debian:debian_linux"
        }
    ]
}
References

Affected packages

Git
github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Database specific
{
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.5.53"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.0.28"
        },
        {
            "introduced": "10.1.0"
        },
        {
            "fixed": "10.1.19"
        }
    ],
    "cpe": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"
}

Affected versions

mariadb-10.*
mariadb-10.1.0
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.2
mariadb-10.1.3
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7440.json"
github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Database specific
{
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "5.5.0"
        },
        {
            "last_affected": "5.5.52"
        },
        {
            "introduced": "5.6.0"
        },
        {
            "last_affected": "5.6.33"
        },
        {
            "introduced": "5.7.0"
        },
        {
            "last_affected": "5.7.15"
        }
    ],
    "cpe": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"
}

Affected versions

mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.5.15
mysql-5.5.19
mysql-5.5.23
mysql-5.5.25
mysql-5.5.27
mysql-5.5.44
mysql-5.5.47
mysql-5.5.49
mysql-5.5.52
mysql-5.6.33
mysql-5.7.15

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7440.json"
github.com/wolfssl/wolfssl

Affected ranges

Type
GIT
Repo
https://github.com/wolfssl/wolfssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.9.10"
        }
    ],
    "cpe": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"
}

Affected versions

v0.*
v0.5
v1.*
v1.8.8.0
v1.9.0
v2.*
v2.0.2
v2.0.3
v2.0.6
v2.0.8
v2.0rc1
v2.0rc2
v2.0rc2b
v2.0rc3
v2.4.2
v2.4.6
v2.4.7
v2.6.0
v2.6.2
v2.7.0
v2.7.2
v2.8.0
v2.8.2
v2.8.3
v2.8.4
v2.8.5
v2.8.5a
v2.8.6
v2.9.0
v2.9.1
v2.9.2
v2.9.4
v3.*
v3.2.0
v3.2.4
v3.2.6
v3.3.0
v3.3.3
v3.4.0
v3.4.2
v3.4.6
v3.6.8
v3.6.9
v3.7.0
v3.7.1
v3.7.3
v3.8.0
v3.9.0
v3.9.1
v3.9.10-stable
v3.9.6
v3.9.6w
v3.9.8

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7440.json"