View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-14737 severity moderate: SUSE including 9 source package names (Botan-2.18.1-1.3, Botan-doc-2.18.1-1.3, …), 15 product×package rows across 5 product lines (SUSE Linux Enterprise Software Development Kit 12 SP2, SUSE Linux Enterprise Software Development Kit 12 SP3, … (5 product lines)): Fixed 15.
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.