47 matches found
CLEANSTART-2026-WH33500 CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs
Multiple security vulnerabilities affect the atlantis-fips package. The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. See references for individual vulnerability details...
CVE-2026-1229
The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...
CVE-2026-1229
The CVE-2026-1229 issue concerns the CIRCL library’s secp384r1 implementation (CIRCL ecc/p384) where CombinedMult could yield an incorrect value for specific inputs. The root cause is fixed by using complete addition formulas in the library. Affected operations include ECDH and ECDSA signing on t...
PT-2026-21672
Name of the Vulnerable Software and Affected Versions circl versions prior to 1.6.3 Description The CombinedMult function within the ecc/p384 package secp384r1 curve calculates an incorrect value for certain inputs. This issue does not affect ECDH and ECDSA signing operations that rely on this...
SUSE CVE-2026-26958
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
Linux Distros Unpatched Vulnerability : CVE-2026-26958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and...
CVE-2026-26958
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
AZL-78216 CVE-2026-26958 affecting package telegraf 1.31.0-15
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
DEBIAN-CVE-2026-26958
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
AZL-78123 CVE-2026-26958 affecting package keda 2.14.1-11
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958 filippo.io/edwards25519 MultiScalarMult function produces invalid results or undefined behavior if receiver is not the identity
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958 filippo.io/edwards25519 MultiScalarMult function produces invalid results or undefined behavior if receiver is not the identity
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958 filippo.io/edwards25519 MultiScalarMult function produces invalid results or undefined behavior if receiver is not the identity
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...
CVE-2026-26958
CVE-2026-26958 affects filippo.io/edwards25519. In v1.1.0 and earlier, MultiScalarMult can produce invalid results or undefined behavior if the receiver is not the identity point; an initialized non-identity receiver yields an incorrect result, and a zero/uninitialized receiver yields invalid beh...
filippo.io/edwards25519 安全漏洞
filippo.io/edwards25519 is a Go language library developed by Filippo Valsorda. Versions of filippo.io/edwards25519 prior to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the MultiScalarMult method generating invalid results or undefined behavior when the recipient ...
Improper Initialization
Overview Affected versions of this package are vulnerable to Improper Initialization via the MultiScalarMult function when the receiver is not properly initialized. An attacker can cause invalid results or undefined behavior by invoking this function on an uninitialized or non-identity receiver...
filippo.io/edwards25519 MultiScalarMult produces invalid results or undefined behavior if receiver is not the identity
Point.MultiScalarMult failed to initialize its receiver. If the method was called on an initialized point that is not the identity point, MultiScalarMult produced an incorrect result. If the method was called on an uninitialized point, the behavior was undefined. In particular, if the receiver wa...
Improper Initialization
Overview Affected versions of this package are vulnerable to Improper Initialization via the MultiScalarMult function when the receiver is not properly initialized. An attacker can cause invalid results or undefined behavior by invoking this function on an uninitialized or non-identity receiver...