Описание
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-chan ...
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
EPSS
7.5 High
CVSS3
5 Medium
CVSS2