mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00

Files

Sergey "Shnatsel" Davidoff 464cc079a5 Add GHSA alias to RUSTSEC-2020-0156

2021-09-10 16:03:52 +00:00

549 B

Raw Blame History

[advisory]
id = "RUSTSEC-2020-0156"
package = "libsecp256k1-rs"
date = "2020-01-22"
url = "https://nvd.nist.gov/vuln/detail/CVE-2019-20399"
categories = ["crypto-failure"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
aliases = ["CVE-2019-20399", "GHSA-7cqg-8449-rmfv"]
[versions]
patched = [">= 0.3.1"]

Observable Discrepancy in libsecp256k1-rs

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.

549 B Raw Blame History

Observable Discrepancy in libsecp256k1-rs

549 B

Raw Blame History