RSS   Vulnerabilities for 'Elliptic-php'   RSS

2019-11-18
 
CVE-2019-10764

CWE-362
 

 
In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key.

 


Copyright 2024, cxsecurity.com

 

Back to Top