Description
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.
Remediation
References
Related Vulnerabilities
WordPress Plugin RAYS Grid Cross-Site Request Forgery (1.2.2)
Internet Information Services Other Vulnerability (CVE-2000-0408)
WordPress Plugin Images Slideshow by 2J-Image Slider Unspecified Vulnerability (1.2.15)
WordPress Plugin RSVPMaker SQL Injection (9.2.6)
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)