Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:35 a.m.10 views

CVE-2019-25003

An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::checkoverflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information...

7.5CVSS6.7AI score0.01415EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 10:15 a.m.14 views

CVE-2019-25003

An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::checkoverflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information...

7.5CVSS7AI score0.01415EPSS
Exploits0References1
CVE
CVE
added 2020/12/31 8:32 a.m.71 views

CVE-2019-25003

CVE-2019-25003 affects the Rust libsecp256k1 crate prior to 0.3.1, where Scalar::check_overflow did not execute in constant time. This timing side-channel can allow an attacker to potentially obtain sensitive information. The issue is fixed in 0.3.1 by making Scalar::check_overflow constant time;...

7.5CVSS7.3AI score0.01415EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2019/10/14 12:0 p.m.5 views

devp2p (>=0.4.0 <=0.4.1), dpt (>=0.3.0 <=0.3.1) +10 more potentially affected by CVE-2019-25003 via libsecp256k1 (=0.1.3)

libsecp256k1 CARGO version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on libsecp256k1 and may be impacted: - devp2p =0.4.0, =0.3.0, =0.3.4, =0.3.4, =0.9.2, =0.9.1, =0.4.0, =0.8.2, =0.11.0-beta.0 Source cves: CVE-2019-25003 Source advisory:...

7.5CVSS7.1AI score0.01415EPSS
Exploits0
Rows per page
Query Builder