Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2021/08/25 9:1 p.m.22 views

Observable Discrepancy in libsecp256k1-rs

A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9CVSS3.9AI score0.00881EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2020/01/23 12:15 a.m.17 views

CVE-2019-20399

A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9CVSS5.4AI score0.00881EPSS
Exploits0References1
OSV
OSV
added 2020/01/23 12:15 a.m.10 views

CVE-2019-20399

A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9CVSS5.4AI score
Exploits0References1
Cvelist
Cvelist
added 2020/01/22 11:12 p.m.18 views

CVE-2019-20399

A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.3AI score0.00881EPSS
Exploits0References1
CVE
CVE
added 2020/01/22 11:12 p.m.91 views

CVE-2019-20399

The CVE-2019-20399 entry concerns a timing vulnerability in Scalar::check_overflow within Parity libsecp256k1-rs (pre-0.3.1). Multiple connected sources (Red Hat, GHSA, OSV, NVD, OSV, Alpine, etc.) describe that this can allow an attacker to leak information via a side-channel attack. The documen...

5.9CVSS5.2AI score0.00881EPSS
Exploits0References1Affected Software1
RustSec
RustSec
added 2019/10/14 12:0 p.m.17 views

Flaw in Scalar::check_overflow allows side-channel timing attack

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::checkoverflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::checkoverflow to execute in constant time...

7.5CVSS6.6AI score0.01415EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/10/14 12:0 p.m.17 views

RUSTSEC-2019-0027 Flaw in Scalar::check_overflow allows side-channel timing attack

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::checkoverflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::checkoverflow to execute in constant time...

7.5CVSS7.3AI score0.01415EPSS
Exploits0References2
Rows per page
Query Builder