Lucene search
Alpine Linux Development TeamALPINE:CVE-2021-38195HistoryAug 08, 2021 - 6:15 a.m.
CVE-2021-38195
2021-08-0806:15:00
Alpine Linux Development Team
security.alpinelinux.org
11
0.003 Low
EPSS
Percentile
65.6%
An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.14-community | noarch | libsecp256k1 | = 0_git20201009-r1 | UNKNOWN |
| Alpine | 3.15-community | noarch | libsecp256k1 | = 0_git20211025-r1 | UNKNOWN |
| Alpine | 3.16-community | noarch | libsecp256k1 | = 0_git20211025-r1 | UNKNOWN |
| Alpine | 3.17-community | noarch | libsecp256k1 | = 0_git20211025-r1 | UNKNOWN |
| Alpine | 3.18-community | noarch | libsecp256k1 | = 0.3.1-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | libsecp256k1 | = 0.3.2-r0 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
github
github
Overflow in libsecp256k1
2021-08-25 20:56:03
osv
osv
libsecp256k1 allows overflowing signatures
2021-07-13 12:00:00
Overflow in libsecp256k1
2021-08-25 20:56:03
CVE-2021-38195
2021-08-08 06:15:09
nvd
nvd
CVE-2021-38195
2021-08-08 06:15:09
cve
cve
CVE-2021-38195
2021-08-08 06:15:09
rustsec
rustsec
libsecp256k1 allows overflowing signatures
2021-07-13 12:00:00
cvelist
cvelist
CVE-2021-38195
2021-08-08 05:07:36