2 matches found
CVE-2020-11735
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."...
CVE-2020-11735
The CVE-2020-11735 issue affects wolfSSL’s ECC implementation (ecc.c) in versions prior to 4.4.0, where private-key operations do not use a constant-time modular inverse when mapping to affine coordinates, causing a projective coordinates leak. This is treated as a timing-related vulnerability af...