Vulners
Lucene search
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack.
| Reporter | Title | Published | Views | Family All 25 |
|---|---|---|---|---|
 | CVE-2021-3798 affecting package opencryptoki for versions less than 3.17.0-1 | 28 Sep 202311:57 | – | cbl_mariner |
 | openCryptoki 安全漏洞 | 23 Aug 202200:00 | – | cnnvd |
 | CVE-2021-3798 | 23 Aug 202215:48 | – | cve |
 | CVE-2021-3798 | 23 Aug 202215:48 | – | cvelist |
 | CVE-2021-3798 | 23 Aug 202215:48 | – | debiancve |
 | EUVD-2021-27058 | 7 Oct 202500:30 | – | euvd |
 | [SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35 | 30 Jan 202201:44 | – | fedora |
 | CVE-2021-3798 | 23 Aug 202216:15 | – | nvd |
 | Fedora: Security Advisory for opencryptoki (FEDORA-2021-33f8ebd09c) | 5 Sep 202100:00 | – | openvas |
| Ubuntu: Security Advisory (USN-5031-1) | 28 Jan 202200:00 | – | openvas |
10
Node
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Aug 2022 07:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.15.5
EPSS0.00154