CVE-2020-11735

Published: Jun 25, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/wolfSSL/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f

x_refsource_CONFIRM

https://github.com/wolfSSL/wolfssl/releases/tag/v4.4.0-stable

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-11735

Description

Affected Products

References