Search for packages
| purl | pkg:pypi/wolfcrypt@4.1.0.post0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-15fc-qcja-yfh6 | wolfCrypt leaks cryptographic information via timing side channel wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without `--enable-fpecc`, `--enable-sp`, or` --enable-sp-math`) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. |
CVE-2019-13628
GHSA-q95h-vc86-hv77 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:00:23.543469+00:00 | GitLab Importer | Fixing | VCID-15fc-qcja-yfh6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wolfcrypt/CVE-2019-13628.yml | 38.4.0 |
| 2026-04-11T23:15:59.893449+00:00 | GitLab Importer | Fixing | VCID-15fc-qcja-yfh6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wolfcrypt/CVE-2019-13628.yml | 38.3.0 |
| 2026-04-02T23:23:50.178492+00:00 | GitLab Importer | Fixing | VCID-15fc-qcja-yfh6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wolfcrypt/CVE-2019-13628.yml | 38.1.0 |
| 2026-04-01T17:44:48.830789+00:00 | GitLab Importer | Fixing | VCID-15fc-qcja-yfh6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wolfcrypt/CVE-2019-13628.yml | 38.0.0 |