7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): None (N)
- Availability (A): None (N)
- Exploit Code Maturity (E): Proof-of-Concept (P)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs. The dhJavaEc() function directly returns the raw x-coordinate of the scalar multiplication result (no hashing), providing a plaintext oracle without requiring any decryption feedback.
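The defect described above is the absence of a point-on-curve check before a received public key is fed into ECDH. The following is an added example of such a check, written for this page and not taken from sjcl or from the nixpkgs packages listed below. It uses the NIST P-256 parameters and BigInt arithmetic; the "x||y as hex" wire encoding used by parseRawPoint() is an assumption made for the example, not sjcl's own serialization.

```javascript
// Added example (not sjcl code): validate an ECDH peer public key before use.
// Curve: NIST P-256, short Weierstrass form y^2 = x^3 + a*x + b (mod p), a = p - 3.
const P256 = {
  p: 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffffn,
  b: 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604bn,
  gx: 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296n,
  gy: 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5n,
  byteLen: 32, // coordinate size in bytes
};
P256.a = P256.p - 3n;

// Non-negative modular reduction (BigInt % keeps the sign of the dividend).
function mod(v, m) {
  const r = v % m;
  return r < 0n ? r + m : r;
}

// True iff (x, y) is an affine point on the curve with both coordinates in [0, p).
// P-256 has cofactor 1, so for this curve an on-curve point is automatically in the
// prime-order group; curves with a cofactor > 1 need an additional subgroup check.
function isOnCurve(curve, x, y) {
  if (x < 0n || y < 0n || x >= curve.p || y >= curve.p) return false;
  const lhs = mod(y * y, curve.p);
  const rhs = mod(x * x * x + curve.a * x + curve.b, curve.p);
  return lhs === rhs;
}

// Parse an uncompressed point encoded as hex(x) || hex(y), each coordinate
// zero-padded to byteLen bytes. This encoding is assumed for the example only.
function parseRawPoint(curve, hex) {
  const expectedLen = 4 * curve.byteLen; // two coordinates, two hex chars per byte
  if (typeof hex !== "string" || hex.length !== expectedLen || !/^[0-9a-fA-F]+$/.test(hex)) {
    throw new Error("malformed public key encoding");
  }
  const half = expectedLen / 2;
  return { x: BigInt("0x" + hex.slice(0, half)), y: BigInt("0x" + hex.slice(half)) };
}

// Reject any key that does not parse as a point on the curve; only a validated
// point may be passed on to scalar multiplication.
function validatePublicKey(curve, hex) {
  const pt = parseRawPoint(curve, hex);
  if (!isOnCurve(curve, pt.x, pt.y)) {
    throw new Error("public key is not on the curve");
  }
  return pt;
}

// Convenience encoder so a test can build the assumed wire format from coordinates.
function encodeRawPoint(curve, x, y) {
  const width = 2 * curve.byteLen;
  return x.toString(16).padStart(width, "0") + y.toString(16).padStart(width, "0");
}

// Returns true iff a constructed off-curve encoding (generator with y + 1) is refused.
function rejectsOffCurvePoint(curve) {
  const bad = encodeRawPoint(curve, curve.gx, curve.gy + 1n);
  try {
    validatePublicKey(curve, bad);
    return false;
  } catch (e) {
    return true;
  }
}
```

Placing validatePublicKey() in front of the scalar multiplication is the whole mitigation: once every peer key is known to lie on the intended curve, the shared-secret computation can no longer be steered onto a different curve, regardless of whether the raw x-coordinate is later returned unhashed.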
References
Affected products
- *
Matching in nixpkgs
- pkgs.python312Packages.sjcl: Decrypt and encrypt messages compatible with the "Stanford Javascript Crypto Library (SJCL)" message format
- pkgs.python313Packages.sjcl: Decrypt and encrypt messages compatible with the "Stanford Javascript Crypto Library (SJCL)" message format
- pkgs.python314Packages.sjcl: Decrypt and encrypt messages compatible with the "Stanford Javascript Crypto Library (SJCL)" message format
Package maintainers
- @binsky08 Timo Triebensky <timo@binsky.org>