Versions of libsecp256k1
prior to 0.3.1
did not execute
Scalar::check_overflow in constant time.
This allows an attacker to potentially leak information via a timing attack.
The flaw was corrected by modifying Scalar::check_overflow to execute in
constant time.
CPE | Name | Operator | Version |
---|---|---|---|
libsecp256k1 | lt | 0.3.1 |