Lucene search
GoogleOSV:CVE-2021-38195HistoryAug 08, 2021 - 6:15 a.m.
CVE-2021-38195
2021-08-0806:15:09
Google
osv.dev
3
An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libsecp256k1 | eq | 0.2.2 | |
| libsecp256k1 | eq | 0.3.5 | |
| libsecp256k1 | eq | 0.1.15 | |
| libsecp256k1 | eq | 0.3.1 |
Related
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
github
github
Overflow in libsecp256k1
2021-08-25 20:56:03
osv
osv
libsecp256k1 allows overflowing signatures
2021-07-13 12:00:00
Overflow in libsecp256k1
2021-08-25 20:56:03
nvd
nvd
CVE-2021-38195
2021-08-08 06:15:09
alpinelinux
alpinelinux
CVE-2021-38195
2021-08-08 06:15:00
cve
cve
CVE-2021-38195
2021-08-08 06:15:09
rustsec
rustsec
libsecp256k1 allows overflowing signatures
2021-07-13 12:00:00
cvelist
cvelist
CVE-2021-38195
2021-08-08 05:07:36