Lucene search
K

5 matches found

OSV
OSV
added 2024/04/28 12:30 a.m.41 views

GHSA-3494-CFWF-56HW mdanter/ecc affected by timing vulnerability in cryptographic side-channels

phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...

5.3CVSS4.5AI score0.00408EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/04/28 12:30 a.m.26 views

mdanter/ecc affected by timing vulnerability in cryptographic side-channels

phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...

4.3CVSS7.1AI score0.00408EPSS
Exploits0References6Affected Software2
Positive Technologies
Positive Technologies
added 2024/04/27 12:0 a.m.12 views

PT-2024-25510 · Phpecc +1 · Phpecc +2

Name of the Vulnerable Software and Affected Versions: phpecc versions prior to 2.0.1 paragonie/ecc versions prior to 2.0.1 mdanter/ecc all versions Description: The issue is a branch-based timing leak in Point addition. This leak is related to the phpecc/phpecc library on GitHub and the Matyas...

5.3CVSS7AI score0.00408EPSS
Exploits0References8
Snyk
Snyk
added 2024/04/25 6:31 p.m.3 views

Information Exposure Through Timing Discrepancy

Overview paragonie/ecc is an Elliptic Curve Cryptography library Affected versions of this package are vulnerable to Information Exposure Through Timing Discrepancy due to the use of the GMPMath adapter, which wraps the GNU Multiple Precision arithmetic library GMP not aiming to provide...

9.1CVSS6.6AI score0.00408EPSS
Exploits0References3
Friends Of PHP
Friends Of PHP
added 2024/04/24 12:2 p.m.54 views

mdanter/ecc affected by timing vulnerability in cryptographic side-channels

phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...

4.3CVSS4.5AI score0.00408EPSS
Exploits0Affected Software1
Rows per page
Query Builder