CVE-2018-0734 | Timing attack against DSA

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).

Published: 2018-10-30 Last update: 2026-06-17 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2018-0734 is rated Moderate Risk (62.1/100): CVSS Medium severity, with high exploitation likelihood (EPSS 12.15%, 96th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +7.10% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2018-0734

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 5.06% 12.15% +7.10%
2 2026-05-22 6.05% 5.06% -0.99%
3 2026-03-04 6.05%

Full EPSS history (46 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-0734

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.9 3.1 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:H)
Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
 2.2 3.6 [email protected]
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
 8.6 2.9 [email protected]

Weakness enumeration for CVE-2018-0734

OS Trackers for CVE-2018-0734

vendor priority summary link
alpine medium CVE-2018-0734: 5 source package rows (nodejs, nodejs-current, openssl, openssl1.1-compat, openssl3); 32 state rows across 17 repos (3.10-main, 3.11-main, 3.12-main, 3.17-community, 3.17-main, 3.18-community, 3.18-main, 3.19-community, 3.19-main, 3.20-community, 3.20-main, 3.21-community, 3.21-main, 3.22-community, 3.22-main, edge-community, edge-main); fixed 32, open 0. https://security.alpinelinux.org/vuln/CVE-2018-0734
debian not yet assigned CVE-2018-0734 not yet assigned priority: Debian including 1 source packages (openssl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2018-0734
redhat low https://access.redhat.com/security/cve/CVE-2018-0734
suse medium CVE-2018-0734 severity moderate: SUSE including 490 source package names (0.9.1:libopenssl1_0_0-1.0.2j-60.46.1, 0.9.1:openssl-1.0.2j-60.46.1, …), 966 product×package rows across 148 product lines (Container caasp/v4/default-http-backend, Container caasp/v4/dnsmasq-nanny, … (148 product lines)): Fixed 678, Known Affected 157, Known Not Affected 131. https://www.suse.com/security/cve/CVE-2018-0734/
ubuntu low CVE-2018-0734 low priority: Ubuntu including 3 source packages (openssl, openssl098, openssl1.0), 30 status rows across 10 suites (bionic, cosmic, disco, eoan, focal, groovy, hirsute, trusty, upstream, xenial): DNE 16, released 11, needs-triage 3. https://ubuntu.com/security/CVE-2018-0734

Affected software / configurations for CVE-2018-0734

Vendor Product Version Raw CPE
openssl openssl >= 1.0.2, <= 1.0.2p cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
openssl openssl >= 1.1.0, <= 1.1.0i cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
openssl openssl 1.1.1 cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 18.10 cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
debian debian_linux 9.0 cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
nodejs node.js >= 6.0.0, <= 6.8.1 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js >= 6.9.0, < 6.15.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
nodejs node.js >= 8.0.0, <= 8.8.1 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js >= 8.9.0, < 8.14.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
nodejs node.js >= 10.0.0, <= 10.12.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js >= 11.0.0, < 11.3.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js 10.13.0 cpe:2.3:a:nodejs:node.js:10.13.0:*:*:*:lts:*:*:*
netapp cn1610_firmware cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
netapp cloud_backup cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netapp oncommand_unified_manager cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*
netapp santricity_smi-s_provider cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
netapp snapcenter cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
netapp steelstore cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*
netapp storage_automation_store cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
oracle api_gateway 11.1.2.4.0 cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
oracle e-business_suite_technology_stack 0.9.8 cpe:2.3:a:oracle:e-business_suite_technology_stack:0.9.8:*:*:*:*:*:*:*
oracle e-business_suite_technology_stack 1.0.0 cpe:2.3:a:oracle:e-business_suite_technology_stack:1.0.0:*:*:*:*:*:*:*
oracle e-business_suite_technology_stack 1.0.1 cpe:2.3:a:oracle:e-business_suite_technology_stack:1.0.1:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 12.1.0.5.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 13.2.0.0.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 13.3.0.0.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
oracle enterprise_manager_ops_center 12.3.3 cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
oracle mysql_enterprise_backup >= 3.0, <= 3.12.3 cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*
oracle mysql_enterprise_backup >= 4.0, <= 4.1.2 cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.55 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.56 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.57 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management >= 17.7, <= 17.12 cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 8.4 cpe:2.3:a:oracle:primavera_p6_professional_project_management:8.4:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 15.1 cpe:2.3:a:oracle:primavera_p6_professional_project_management:15.1:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 15.2 cpe:2.3:a:oracle:primavera_p6_professional_project_management:15.2:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 16.1 cpe:2.3:a:oracle:primavera_p6_professional_project_management:16.1:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 16.2 cpe:2.3:a:oracle:primavera_p6_professional_project_management:16.2:*:*:*:*:*:*:*
oracle primavera_p6_professional_project_management 18.8 cpe:2.3:a:oracle:primavera_p6_professional_project_management:18.8:*:*:*:*:*:*:*
oracle tuxedo 12.1.1.0.0 cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*

References for CVE-2018-0734

URL Tags
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html Mailing List Third Party Advisory
http://www.securityfocus.com/bid/105758 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:2304 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3700 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3932 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3933 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3935 Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=43e6a58d4991a451daf4891ff05a48735df871ac
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8abfe72e8c1de1b95f50aa0d9134803b4d00070f
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ef11e19d1365eea2b1851e6f540a0bf365d303e7
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20181105-0002/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20190118-0002/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20190423-0002/ Third Party Advisory
https://usn.ubuntu.com/3840-1/ Third Party Advisory
https://www.debian.org/security/2018/dsa-4348 Third Party Advisory
https://www.debian.org/security/2018/dsa-4355 Third Party Advisory
https://www.openssl.org/news/secadv/20181030.txt Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch Third Party Advisory
https://www.tenable.com/security/tns-2018-16 Third Party Advisory
https://www.tenable.com/security/tns-2018-17 Third Party Advisory
cvelogic Threat Intelligence