Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.6 views

SUSE CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

5CVSS5.2AI score0.00259EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35487

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

3.7CVSS5.4AI score0.00259EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.9 views

CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

5.4AI score0.00259EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47840

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS modules versions 3.0, 3.4, 3.5, 3.6, and 4.0 Description When the EVP PKEY derive set peer function is called with a DHX X9.42 peer key, the software fails to properly verify subgroup membership. Specifically, the check Y^q ≡ 1 mo...

3.7CVSS5.5AI score0.00259EPSS
Exploits0References118
Rows per page
Query Builder