Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rustsecRustsecRUSTSEC-2021-0076
HistoryJul 13, 2021 - 12:00 p.m.

libsecp256k1 allows overflowing signatures

2021-07-1312:00:00
rustsec.org
9

0.003 Low

EPSS

Percentile

65.6%

JSON

libsecp256k1 accepts signatures whose R or S parameter is larger than the
secp256k1 curve order, which differs from other implementations. This could
lead to invalid signatures being verified.

The error is resolved in 0.5.0 by adding a check_overflow flag.

CPENameOperatorVersion
libsecp256k1lt0.5.0

Related

prion 1
github 1
osv 3
nvd 1
cve 1
cvelist 1
alpinelinux 1
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
github
github
Overflow in libsecp256k1
2021-08-25 20:56:03
osv
osv
libsecp256k1 allows overflowing signatures
2021-07-13 12:00:00
Overflow in libsecp256k1
2021-08-25 20:56:03
CVE-2021-38195
2021-08-08 06:15:09
nvd
nvd
CVE-2021-38195
2021-08-08 06:15:09
cve
cve
CVE-2021-38195
2021-08-08 06:15:09
cvelist
cvelist
CVE-2021-38195
2021-08-08 05:07:36
alpinelinux
alpinelinux
CVE-2021-38195
2021-08-08 06:15:00

0.003 Low

EPSS

Percentile

65.6%

JSON
Related for RUSTSEC-2021-0076
prion1github1osv3nvd1cve1cvelist1alpinelinux1