Lucene search
GoogleOSV:GHSA-HRJM-C879-PP86HistoryAug 25, 2021 - 8:46 p.m.
libsecp256k1 contains side-channel timing attack
2021-08-2520:46:46
Google
osv.dev
6
0.002 Low
EPSS
Percentile
53.8%
Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::check_overflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::check_overflow to execute in constant time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libsecp256k1 | lt | 0.3.1 |
Related
rustsec
rustsec
Flaw in Scalar::check_overflow allows side-channel timing attack
2019-10-14 12:00:00
github
github
libsecp256k1 contains side-channel timing attack
2021-08-25 20:46:46
alpinelinux
alpinelinux
CVE-2019-25003
2020-12-31 10:15:00
nvd
nvd
CVE-2019-25003
2020-12-31 10:15:14
cve
cve
CVE-2019-25003
2020-12-31 10:15:14
osv
osv
Flaw in Scalar::check_overflow allows side-channel timing attack
2019-10-14 12:00:00
CVE-2019-25003
2020-12-31 10:15:14
prion
prion
Information disclosure
2020-12-31 10:15:00
cvelist
cvelist
CVE-2019-25003
2020-12-31 08:32:57