Unrated severityNVD Advisory· Published Jun 25, 2020· Updated Aug 4, 2024
CVE-2020-11735
CVE-2020-11735
Description
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- wolfSSL/wolfSSLdescription
Patches
Vulnerability mechanics
References
2- github.com/wolfSSL/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283fmitrex_refsource_CONFIRM
- github.com/wolfSSL/wolfssl/releases/tag/v4.4.0-stablemitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.