{"id":"CVE-2020-11735","details":"The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a \"projective coordinates leak.\"","modified":"2026-04-11T15:27:47.171144Z","published":"2020-06-25T14:15:11.583Z","references":[{"type":"ADVISORY","url":"https://github.com/wolfSSL/wolfssl/releases/tag/v4.4.0-stable"},{"type":"FIX","url":"https://github.com/wolfSSL/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wolfssl/wolfssl","events":[{"introduced":"0"},{"fixed":"e116c89a58af750421d82ece13f80516d2bde02e"},{"fixed":"1de07da61f0c8e9926dcbd68119f73230dae283f"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.4.0"}]}}],"versions":["WCv4-rng-stable","l","list","v0.5","v1.8.8.0","v1.9.0","v2.0.2","v2.0.3","v2.0.6","v2.0.8","v2.0rc1","v2.0rc2","v2.0rc2b","v2.0rc3","v2.4.2","v2.4.6","v2.4.7","v2.6.0","v2.6.2","v2.7.0","v2.7.2","v2.8.0","v2.8.2","v2.8.3","v2.8.4","v2.8.5","v2.8.5a","v2.8.6","v2.9.0","v2.9.1","v2.9.2","v2.9.4","v3.10.0-stable","v3.10.0a","v3.10.2-stable","v3.10.3","v3.11.0-stable","v3.11.1-tls13-beta","v3.12.0-stable","v3.12.2-stable","v3.13.0-stable","v3.13.2","v3.13.3","v3.14.0-stable","v3.14.0a","v3.14.0b","v3.14.2","v3.14.4","v3.15.0-stable","v3.15.3-stable","v3.15.5-stable","v3.15.5a","v3.15.6","v3.15.7-stable","v3.2.0","v3.2.4","v3.2.6","v3.3.0","v3.3.3","v3.4.0","v3.4.2","v3.4.6","v3.6.8","v3.6.9","v3.7.0","v3.7.1","v3.7.3","v3.8.0","v3.9.0","v3.9.1","v3.9.10-stable","v3.9.10b","v3.9.6","v3.9.6w","v3.9.8","v4.0.0-stable","v4.1.0-stable","v4.2.0-stable","v4.2.0c","v4.3.0-stable"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11735.json","vanir_signatures":[{"signature_type":"Function","id":"CVE-2020-11735-2b85560a","digest":{"length":2579,"function_hash":"12453600844308520391004439692268381860"},"deprecated":false,"target":{"file":"wolfcrypt/src/ecc.c","function":"wc_ecc_make_pub_ex"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2020-11735-332657a1","digest":{"line_hashes":["96603185095916770125792954183452474850","38250133329086103080177838132793969647","9060452406094865973612503486446241354","225207769404366714606204338138696621490","283153563472883957360160522903582725039","159685523023891775141480428442391016203","199960452612047191061151339633503559205","297384364710785629785762767357715844976","177275058675798426556785971627950100807","240691747942126286872048680067599453132","179591802186505395602968180988659226608","140164006849338754487963884224498970596","4316907989075688933157750280319572358","16465522683080724058306567309833833230","302960092636546694020043336132940803434","90966792483288711858881059675194719619","142965097491983694344136443580701102110","310969968630026219598719613172242263588","135023956255157738610804704638310191334","164847037193785591790877954249978341410","74534511445357059254527358965424936570","48277186209666766806815777751052574828","267443257108938999083331695920285490218","306577635669135136693550840397129720271","114014397379503567829186519546631716296","222154079167919896471503976422304199839","120756688414178906819507728691138238572","279225727604889185438341943699544001895","239471537473074596606731364436112087644","5689508054984920255468004192129591133","322489153541784567715340482247479733301","209584414414913589305783680585030256634","132977044490010253591276988253242235234","45030574565440800458053645461835523385","211453573811715173659428761904875956987","78283713739895319521299329901137374837","149746987469014105618297566262058983230","145944290522431605363686393015993164895","113314816354100806517899448190274521506"],"threshold":0.9},"deprecated":false,"target":{"file":"wolfcrypt/src/ecc.c"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2020-11735-599ddaa7","digest":{"length":4510,"function_hash":"289505148823265107650654003071223560984"},"deprecated":false,"target":{"file":"wolfcrypt/src/ecc.c","function":"ecc_map"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2020-11735-5e443460","digest":{"line_hashes":["298905883783545839822930393656872290213","81324661606034461482529564186815825162","138829977749813286436087712652179301584","151141636543894413799912531652413815492","201454776721931913503904621163522145309","193027003164333758941385416350184820757"],"threshold":0.9},"deprecated":false,"target":{"file":"wolfcrypt/src/tfm.c"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2020-11735-bfb52575","digest":{"line_hashes":["237714472113237602455322231878356952747","40163633692851564681565756525871783871","100206842400463310310614191814232805562","161046344140480706824429781279093653857","161363950191962766372394636447474860201","284045604405183877232256202175454482668","129050836973562617583536337207421303853","200575401767982906708866001463118776089"],"threshold":0.9},"deprecated":false,"target":{"file":"wolfssl/wolfcrypt/tfm.h"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2020-11735-cdd313d9","digest":{"length":1780,"function_hash":"157075545383430237151326064961768633671"},"deprecated":false,"target":{"file":"wolfcrypt/src/ecc.c","function":"wc_ecc_shared_secret_gen_sync"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2020-11735-df6876aa","digest":{"line_hashes":["175881337748838037225360907000818424653","89673624396793668156548240716943245374","9093841286313074506873180683787720357","115486769718738760917260190387395467703"],"threshold":0.9},"deprecated":false,"target":{"file":"wolfssl/wolfcrypt/ecc.h"},"source":"https://github.com/wolfssl/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f","signature_version":"v1"}],"vanir_signatures_modified":"2026-04-11T15:27:47Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}