4 matches found
UBUNTU-CVE-2026-1229
The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...
PT-2026-21672
Name of the Vulnerable Software and Affected Versions circl versions prior to 1.6.3 Description The CombinedMult function within the ecc/p384 package secp384r1 curve calculates an incorrect value for certain inputs. This issue does not affect ECDH and ECDSA signing operations that rely on this...
AZL-79018 CVE-2019-6486 affecting package golang 1.25.7-1
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks...
DEBIAN-CVE-2011-4354
crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...