13 matches found
CVE-2026-5466
wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...
EUVD-2021-30531
Malicious code in bioql PyPI...
Allocation of Resources Without Limits or Throttling
Overview gmpy2 is a gmpy2 interface to GMP, MPFR, and MPC for Python 3.7+ Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when performing arbitrary-precision calculations based on the GNU Multiple Precision Arithmetic Library GMP, in...
gmp: Integer overflow and resultant buffer overflow via crafted input
A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability...
RHEL 8 : gmp (RHSA-2024:1102)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1102 advisory. The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point...
Oracle Linux 9 : gmp (ELSA-2023-6661)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6661 advisory. 1:6.2.0-13 - Fix: previous commit removed one function from the library and thus broke the ABI - function gmpnpreinvdivrem1 should now not be removed Related:...
Huawei EulerOS: Security Advisory for gmp (EulerOS-SA-2023-1255)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GMP vulnerability (USN-5672-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5672-1 advisory. It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could...
Huawei EulerOS: Security Advisory for gmp (EulerOS-SA-2022-1253)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : gmp (SUSE-SU-2021:3878-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3878-1 advisory. - CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inpraw.c bsc1192717. Tenable has extracted the preceding descripti...
CVE-2021-43618
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
CVE-2021-43618
CVE-2021-43618 affects GMP up to version 6.2.1. The issue is an integer overflow in mpz/inp_raw.c that can cause a buffer overflow, leading to a segmentation fault on 32‑bit platforms. Public advisories in multiple distributions confirm a patched release is available (e.g., GMP 6.2.1-2 and newer;...
EulerOS Virtualization for ARM 64 3.0.2.0 : libgcrypt (EulerOS-SA-2020-1571)
According to the versions of the libgcrypt package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - DISPUTED The GNU Multiple Precision Arithmetic Library GMP interfaces for PHP through 7.1.4 allow attackers to cause...