CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10764

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.5%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 5.8

References

Products affected by CVE-2019-10764

Simplito » Elliptic-Php » Version: N/A

cpe:2.3:a:simplito:elliptic-php:-
Simplito » Elliptic-Php » Version: 1.0.0

cpe:2.3:a:simplito:elliptic-php:1.0.0
Simplito » Elliptic-Php » Version: 1.0.1

cpe:2.3:a:simplito:elliptic-php:1.0.1
Simplito » Elliptic-Php » Version: 1.0.2

cpe:2.3:a:simplito:elliptic-php:1.0.2
Simplito » Elliptic-Php » Version: 1.0.3

cpe:2.3:a:simplito:elliptic-php:1.0.3
Simplito » Elliptic-Php » Version: 1.0.4

cpe:2.3:a:simplito:elliptic-php:1.0.4
Simplito » Elliptic-Php » Version: 1.0.5

cpe:2.3:a:simplito:elliptic-php:1.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10764

Products

Pricing

Contact Us