Lucene search
Veracode Vulnerability DatabaseVERACODE:32157HistorySep 18, 2021 - 11:40 p.m.
Denial Of Service (DoS)
2021-09-1823:40:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.0004 Low
EPSS
Percentile
15.7%
openCryptoki is vulnerable to denial of service. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack.
Related
cbl_mariner
cbl_mariner
CVE-2021-3798 affecting package opencryptoki for versions less than 3.17.0-1
2023-09-28 11:57:58
openvas
openvas
Ubuntu: Security Advisory (USN-5031-1)
2022-01-28 00:00:00
Fedora: Security Advisory for opencryptoki (FEDORA-2021-33f8ebd09c)
2021-09-05 00:00:00
rocky
rocky
opencryptoki bug fix and enhancement update
2021-08-10 11:55:28
cve
cve
CVE-2021-3798
2022-08-23 16:15:09
nvd
nvd
CVE-2021-3798
2022-08-23 16:15:09
cvelist
cvelist
CVE-2021-3798
2022-08-23 15:48:58
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
ubuntucve
ubuntucve
CVE-2021-3798
2022-08-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2438
2024-06-27 10:51:15
debiancve
debiancve
CVE-2021-3798
2022-08-23 16:15:09
redhatcve
redhatcve
CVE-2021-3798
2021-09-13 07:38:42
osv
osv
CVE-2021-3798
2022-08-23 16:15:09
fedora
fedora
[SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35
2022-01-30 01:44:13