CVE-2020-1968

Inadequate Encryption Strength in conan/openssl

Identifiers

CVE-2020-1968

Package Slug

conan/openssl

Vulnerability

Inadequate Encryption Strength

Description

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite.

Affected Versions

All versions starting from 1.0.2 up to 1.0.2v

Solution

Upgrade to version 1.1.0k or above.

Last Modified

2020-09-17

source