Lucene search
K

5 matches found

OSV
OSV
added 2026/01/08 9:15 p.m.1 views

DEBIAN-CVE-2025-14505

The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This...

5.6CVSS5.4AI score0.00161EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/08 9:5 p.m.5 views

CVE-2025-14505

The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This...

5.6CVSS5.3AI score0.00161EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/08 9:5 p.m.7 views

CVE-2025-14505 Elliptic Cryptanalysis vulnerability when `k` has leading zeros

The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This...

5.6CVSS6.5AI score0.00161EPSS
Exploits0References2
CVE
CVE
added 2026/01/08 9:5 p.m.42 views

CVE-2025-14505

The CVE-2025-14505 entry concerns Elliptic’s ECDSA implementation. A fault in the ECDSA signing path occurs when the interim value of k (per RFC 6979 step 3.2) has leading zeros, causing the byte-length of k to be computed incorrectly and truncated. This can allow cryptanalytic leakage of the sec...

5.6CVSS6.5AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.9 views

PT-2026-1743

Name of the Vulnerable Software and Affected Versions Elliptic versions prior to 6.6.2 Description The ECDSA implementation within the Elliptic package produces incorrect signatures when an interim value of k calculated according to step 3.2 of RFC 6979 contains leading zeros, making it susceptib...

5.6CVSS6.5AI score0.00161EPSS
Exploits0References5
Rows per page
Query Builder