Lucene search
K

27 matches found

CVE
CVE
added 2026/06/23 5:13 p.m.9 views

CVE-2026-49440

Summary: CVE-2026-49440 affects Deno’s crypto.primality tests when using default options (checks=0) for checkPrime/checkPrimeSync, causing some composites to be reported as prime due to zero Miller-Rabin rounds. This occurs in the node:crypto path and related op_node_check_prime implementations; ...

7.4CVSS5.8AI score0.00149EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/23 5:13 p.m.37 views

CVE-2026-49440 Deno: Miller-Rabin Primality Test Allows Zero Rounds

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied ...

7.4CVSS0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/06/16 7:8 p.m.4 views

GHSA-9XG4-QHM4-G43W Deno: Miller-Rabin Primality Test Allows Zero Rounds

Summary node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied to the candidate was trial division by the primes up to 17,863. Any...

7.4CVSS5.5AI score0.00149EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/16 7:8 p.m.9 views

Deno: Miller-Rabin Primality Test Allows Zero Rounds

Summary node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied to the candidate was trial division by the primes up to 17,863. Any...

7.4CVSS5.4AI score0.00149EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-50149

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description The node:crypto.checkPrime and crypto.checkPrimeSync functions failed to perform Miller-Rabin rounds when the options.checks variable was left at its default value of 0. In this state, the software only...

7.4CVSS5.8AI score0.00149EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9548

Malware in sbrugna...

7.5CVSS7.6AI score0.0143EPSS
Exploits0References4
Filippo.io
Filippo.io
added 2024/12/31 12:43 p.m.15 views

Benchmarking RSA Key Generation

RSA key generation is both conceptually simple, and one of the worst implementation tasks of the field of cryptography engineering. Even benchmarking it is tricky, and involves some math: here’s how we generated a stable but representative “average case” instead of using the ordinary statistical...

7.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.5 views

SUSE CVE-2014-9742

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

7.5CVSS6.9AI score0.0143EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/04/24 6:46 p.m.2 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
OSV
OSV
added 2018/10/16 5:44 p.m.3 views

GHSA-XQJ7-J8J5-F2XR Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

7.5CVSS7.2AI score0.03592EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2018/09/11 7:53 a.m.2 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/09/04 2:10 p.m.4 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/08/15 11:31 a.m.3 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/08/15 11:31 a.m.2 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/08/15 11:28 a.m.2 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/08/15 11:20 a.m.4 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

7.5CVSS7.3AI score0.03592EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/06/25 12:0 a.m.43 views

Debian DSA-4233-1 : bouncycastle - security update

It was discovered that the low-level interface to the RSA key pair generator of Bouncy Castle a Java implementation of cryptographic algorithms could perform less Miller-Rabin primality tests than expected. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

7.5CVSS7.4AI score0.03592EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/06/21 12:0 a.m.50 views

Debian: Security Advisory (DSA-4233-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.3AI score0.03592EPSS
Exploits0References4
OSV
OSV
added 2018/06/05 1:29 p.m.5 views

UBUNTU-CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

7.5CVSS7.1AI score0.03592EPSS
Exploits0References4
OSV
OSV
added 2018/06/05 1:29 p.m.3 views

DEBIAN-CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

7.5CVSS7.5AI score0.03592EPSS
Exploits0References1
Rows per page
Query Builder