CVE-2019-19960
MEDIUMwolfssl < 4.3.0 - Side-Channel Attack via wc_ecc_mulmod_ex
Title source: llmDescription
In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
References (2)
Core 2
Core References
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/wolfSSL/wolfssl/releases/tag/v4.3.0-stable
Patch, Third Party Advisory x_refsource_misc
https://github.com/wolfSSL/wolfssl/commit/5ee9f9c7a23f8ed093fe1e42bc540727e96cebb8
Scores
CVSS v3
5.3
EPSS
0.0095
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
Status
published
Products (1)
wolfssl/wolfssl
< 4.3.0
Published
Dec 25, 2019
Tracked Since
Feb 18, 2026