Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Chrome |
Google |
* |
* |
References