Lucene search
RedhatCVELIST:CVE-2021-3798HistoryAug 23, 2022 - 3:48 p.m.
CVE-2021-3798
2022-08-2315:48:58
CWE-200
redhat
www.cve.org
2
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack.
CNA Affected
[
{
"product": "opencryptoki",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in v3.17.0"
}
]
}
]Related
redhatcve
redhatcve
CVE-2021-3798
2021-09-13 07:38:42
osv
osv
CVE-2021-3798
2022-08-23 16:15:09
veracode
veracode
Denial Of Service (DoS)
2021-09-18 23:40:57
cbl_mariner
cbl_mariner
CVE-2021-3798 affecting package opencryptoki for versions less than 3.17.0-1
2023-09-28 11:57:58
openvas
openvas
Ubuntu: Security Advisory (USN-5031-1)
2022-01-28 00:00:00
Fedora: Security Advisory for opencryptoki (FEDORA-2021-33f8ebd09c)
2021-09-05 00:00:00
rocky
rocky
opencryptoki bug fix and enhancement update
2021-08-10 11:55:28
cve
cve
CVE-2021-3798
2022-08-23 16:15:09
nvd
nvd
CVE-2021-3798
2022-08-23 16:15:09
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2438
2024-06-27 10:51:15
debiancve
debiancve
CVE-2021-3798
2022-08-23 16:15:09
ubuntucve
ubuntucve
CVE-2021-3798
2022-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35
2022-01-30 01:44:13