OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add rustsec advisory for GHSA-7cqg-8449-rmfv (#1022)

Browse Source
This commit is contained in:
Jon Moroney
2021-09-09 14:51:48 -07:00
committed by GitHub
parent 4b4a4d8d88
commit e5b66bfe9e
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/libsecp256k1-rs/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "libsecp256k1-rs"
date = "2020-01-22"
url = "https://nvd.nist.gov/vuln/detail/CVE-2019-20399"
categories = ["crypto-failure"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
aliases = ["CVE-2019-20399"]
[versions]
patched = [">= 0.3.1"]
```
# Observable Discrepancy in libsecp256k1-rs
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.