[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-1547":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":78,"related":79,"reserved_at":9,"published_at":97,"modified_at":98,"state":99,"summary":100,"references_raw":109,"kevs":254,"epss":255,"epss_history":258,"metrics":512,"affected":523},"CVE-2019-1547","Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76],{"_key":23},"ALPINE-CVE-2019-1547",{"_key":25},"OPENSUSE-SU-2019:2268-1",{"_key":27},"OPENSUSE-SU-2024:11127-1",{"_key":29},"SUSE-SU-2019:14171-1",{"_key":31},"SUSE-SU-2019:14174-1",{"_key":33},"SUSE-SU-2019:2397-1",{"_key":35},"SUSE-SU-2019:2403-1",{"_key":37},"SUSE-SU-2019:2410-1",{"_key":39},"SUSE-SU-2019:2413-1",{"_key":41},"SUSE-SU-2019:2504-1",{"_key":43},"SUSE-SU-2019:2558-1",{"_key":45},"SUSE-SU-2019:2561-1",{"_key":47},"SUSE-SU-2020:0099-1",{"_key":49},"OPENSUSE-SU-2019:2158-1",{"_key":51},"OPENSUSE-SU-2019:2189-1",{"_key":53},"OPENSUSE-SU-2019:2269-1",{"_key":55},"OPENSUSE-SU-2024:11126-1",{"_key":57},"DLA-1932-1",{"_key":59},"DSA-4539-1",{"_key":61},"DSA-4540-1",{"_key":63},"MGASA-2019-0354",{"_key":65},"UBUNTU-CVE-2019-1547",{"_key":67},"USN-4376-1",{"_key":69},"USN-4504-1",{"_key":71},"USN-4376-2",{"_key":73},"DEBIAN-CVE-2019-1547",{"_key":75},"RHSA-2020:1337",{"_key":77},"RHSA-2020:1840",[],[80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":63},"2019-09-10T16:58:35.307Z","2024-09-16T16:33:05.874Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":102,"epss_score":103,"severity":104,"severity_score":105,"severity_version":106,"severity_source":107,"severity_vector":108,"severity_status":99},false,"low",0.0026,"medium",4.7,"v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",[110,117,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250],{"url":111,"sources":112,"tags":114},"https://seclists.org/bugtraq/2019/Sep/25",[113,107],"cve.org",[115,116],"Mailing List","Third Party Advisory",{"url":118,"sources":119,"tags":120},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html",[113,107],[121],"Vendor Advisory",{"url":123,"sources":124,"tags":125},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/",[113,107],[121],{"url":127,"sources":128,"tags":129},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html",[113,107],[121],{"url":131,"sources":132,"tags":133},"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html",[113,107],[115],{"url":135,"sources":136,"tags":137},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/",[113,107],[121],{"url":139,"sources":140,"tags":141},"https://seclists.org/bugtraq/2019/Oct/1",[113,107],[115],{"url":143,"sources":144,"tags":145},"https://seclists.org/bugtraq/2019/Oct/0",[113,107],[115],{"url":147,"sources":148,"tags":149},"https://www.debian.org/security/2019/dsa-4539",[113,107],[121],{"url":151,"sources":152,"tags":153},"https://www.debian.org/security/2019/dsa-4540",[113,107],[121],{"url":155,"sources":156,"tags":157},"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html",[113,107],[121],{"url":159,"sources":160,"tags":161},"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html",[113,107],[121],{"url":163,"sources":164,"tags":165},"https://security.gentoo.org/glsa/201911-04",[113,107],[121],{"url":167,"sources":168,"tags":169},"https://usn.ubuntu.com/4376-1/",[113,107],[121],{"url":171,"sources":172,"tags":173},"https://www.oracle.com/security-alerts/cpuapr2020.html",[113,107],[],{"url":175,"sources":176,"tags":177},"https://www.oracle.com/security-alerts/cpujul2020.html",[113,107],[],{"url":179,"sources":180,"tags":181},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[113,107],[],{"url":183,"sources":184,"tags":185},"https://www.tenable.com/security/tns-2019-08",[113,107],[],{"url":187,"sources":188,"tags":189},"https://www.oracle.com/security-alerts/cpujan2020.html",[113,107],[],{"url":191,"sources":192,"tags":193},"https://www.openssl.org/news/secadv/20190910.txt",[113,107],[121],{"url":195,"sources":196,"tags":197},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8",[113,107],[],{"url":199,"sources":200,"tags":201},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a",[113,107],[],{"url":203,"sources":204,"tags":205},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46",[113,107],[],{"url":207,"sources":208,"tags":209},"https://arxiv.org/abs/1909.01785",[113,107],[116],{"url":211,"sources":212,"tags":213},"http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html",[113,107],[],{"url":215,"sources":216,"tags":217},"https://security.netapp.com/advisory/ntap-20190919-0002/",[113,107],[],{"url":219,"sources":220,"tags":221},"https://support.f5.com/csp/article/K73422160?utm_source=f5support&amp%3Butm_medium=RSS",[113,107],[],{"url":223,"sources":224,"tags":225},"https://www.tenable.com/security/tns-2019-09",[113,107],[],{"url":227,"sources":228,"tags":229},"https://security.netapp.com/advisory/ntap-20200122-0002/",[113,107],[],{"url":231,"sources":232,"tags":233},"https://security.netapp.com/advisory/ntap-20200416-0003/",[113,107],[],{"url":235,"sources":236,"tags":237},"https://usn.ubuntu.com/4376-2/",[113,107],[121],{"url":239,"sources":240,"tags":241},"https://usn.ubuntu.com/4504-1/",[113,107],[121],{"url":243,"sources":244,"tags":245},"https://www.oracle.com/security-alerts/cpuoct2020.html",[113,107],[],{"url":247,"sources":248,"tags":249},"https://kc.mcafee.com/corporate/index?page=content&id=SB10365",[113,107],[],{"url":251,"sources":252,"tags":253},"https://security.netapp.com/advisory/ntap-20240621-0006/",[113,107],[],[],{"date":256,"score":103,"percentile":257},"2026-06-04",0.49546,[259,262,265,268,271,273,276,279,282,285,288,291,294,296,299,303,306,309,312,315,318,321,323,325,328,331,334,337,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,383,386,389,392,394,396,399,401,404,407,409,413,415,417,420,423,426,429,432,435,438,441,444,446,448,451,454,457,460,463,466,469,472,474,476,478,481,484,486,489,492,495,498,501,504,507,510],{"date":260,"score":103,"percentile":261},"2025-11-04",0.49181,{"date":263,"score":103,"percentile":264},"2025-11-05",0.49164,{"date":266,"score":103,"percentile":267},"2025-11-06",0.4918,{"date":269,"score":103,"percentile":270},"2025-11-07",0.49205,{"date":272,"score":103,"percentile":270},"2025-11-08",{"date":274,"score":103,"percentile":275},"2025-11-09",0.49186,{"date":277,"score":103,"percentile":278},"2025-11-10",0.49154,{"date":280,"score":103,"percentile":281},"2025-11-11",0.49168,{"date":283,"score":103,"percentile":284},"2025-11-12",0.49191,{"date":286,"score":103,"percentile":287},"2025-11-13",0.49194,{"date":289,"score":103,"percentile":290},"2025-11-14",0.49207,{"date":292,"score":103,"percentile":293},"2025-11-15",0.49202,{"date":295,"score":103,"percentile":275},"2025-11-16",{"date":297,"score":103,"percentile":298},"2025-11-17",0.4916,{"date":300,"score":301,"percentile":302},"2025-11-18",0.00092,0.22324,{"date":304,"score":301,"percentile":305},"2025-11-19",0.22334,{"date":307,"score":301,"percentile":308},"2025-11-20",0.22341,{"date":310,"score":103,"percentile":311},"2025-11-21",0.49147,{"date":313,"score":103,"percentile":314},"2025-11-22",0.49142,{"date":316,"score":103,"percentile":317},"2025-11-23",0.49109,{"date":319,"score":103,"percentile":320},"2025-11-24",0.49096,{"date":322,"score":103,"percentile":320},"2025-11-25",{"date":324,"score":103,"percentile":320},"2025-11-26",{"date":326,"score":103,"percentile":327},"2025-11-27",0.49103,{"date":329,"score":103,"percentile":330},"2025-11-28",0.49073,{"date":332,"score":103,"percentile":333},"2025-11-29",0.49051,{"date":335,"score":103,"percentile":336},"2025-11-30",0.4904,{"date":338,"score":103,"percentile":287},"2025-12-01",{"date":340,"score":103,"percentile":341},"2025-12-02",0.49212,{"date":343,"score":103,"percentile":344},"2025-12-03",0.49208,{"date":346,"score":103,"percentile":347},"2025-12-04",0.49047,{"date":349,"score":103,"percentile":350},"2025-12-05",0.49069,{"date":352,"score":103,"percentile":353},"2025-12-06",0.4907,{"date":355,"score":103,"percentile":356},"2025-12-07",0.49055,{"date":358,"score":103,"percentile":359},"2025-12-08",0.49059,{"date":361,"score":103,"percentile":362},"2025-12-09",0.49081,{"date":364,"score":103,"percentile":365},"2025-12-10",0.49148,{"date":367,"score":103,"percentile":368},"2025-12-11",0.49165,{"date":370,"score":103,"percentile":371},"2025-12-12",0.49189,{"date":373,"score":103,"percentile":374},"2025-12-13",0.49173,{"date":376,"score":103,"percentile":377},"2025-12-14",0.49162,{"date":379,"score":103,"percentile":380},"2025-12-15",0.49144,{"date":382,"score":103,"percentile":278},"2025-12-16",{"date":384,"score":103,"percentile":385},"2025-12-17",0.49179,{"date":387,"score":103,"percentile":388},"2025-12-18",0.4922,{"date":390,"score":103,"percentile":391},"2025-12-19",0.49228,{"date":393,"score":103,"percentile":344},"2025-12-20",{"date":395,"score":103,"percentile":267},"2025-12-21",{"date":397,"score":103,"percentile":398},"2025-12-22",0.49167,{"date":400,"score":103,"percentile":264},"2025-12-23",{"date":402,"score":103,"percentile":403},"2025-12-24",0.49177,{"date":405,"score":103,"percentile":406},"2025-12-25",0.4923,{"date":408,"score":103,"percentile":388},"2025-12-26",{"date":410,"score":411,"percentile":412},"2025-12-27",0.00231,0.45916,{"date":414,"score":103,"percentile":298},"2025-12-28",{"date":416,"score":103,"percentile":380},"2025-12-29",{"date":418,"score":103,"percentile":419},"2025-12-30",0.49138,{"date":421,"score":103,"percentile":422},"2025-12-31",0.49178,{"date":424,"score":103,"percentile":425},"2026-01-01",0.49343,{"date":427,"score":103,"percentile":428},"2026-01-02",0.49323,{"date":430,"score":103,"percentile":431},"2026-01-03",0.49313,{"date":433,"score":103,"percentile":434},"2026-01-04",0.49134,{"date":436,"score":103,"percentile":437},"2026-01-05",0.4912,{"date":439,"score":103,"percentile":440},"2026-01-06",0.49126,{"date":442,"score":103,"percentile":443},"2026-01-07",0.49143,{"date":445,"score":103,"percentile":398},"2026-01-08",{"date":447,"score":103,"percentile":443},"2026-01-09",{"date":449,"score":103,"percentile":450},"2026-01-10",0.49137,{"date":452,"score":103,"percentile":453},"2026-01-11",0.49117,{"date":455,"score":103,"percentile":456},"2026-01-12",0.49075,{"date":458,"score":103,"percentile":459},"2026-01-13",0.49052,{"date":461,"score":103,"percentile":462},"2026-01-14",0.49099,{"date":464,"score":103,"percentile":465},"2026-01-15",0.49102,{"date":467,"score":103,"percentile":468},"2026-01-16",0.49124,{"date":470,"score":103,"percentile":471},"2026-01-17",0.491,{"date":473,"score":103,"percentile":330},"2026-01-18",{"date":475,"score":103,"percentile":333},"2026-01-19",{"date":477,"score":103,"percentile":333},"2026-01-20",{"date":479,"score":103,"percentile":480},"2026-01-21",0.4905,{"date":482,"score":103,"percentile":483},"2026-01-22",0.49056,{"date":485,"score":103,"percentile":327},"2026-01-23",{"date":487,"score":103,"percentile":488},"2026-01-24",0.49107,{"date":490,"score":103,"percentile":491},"2026-01-25",0.49057,{"date":493,"score":103,"percentile":494},"2026-01-26",0.49027,{"date":496,"score":103,"percentile":497},"2026-01-27",0.49033,{"date":499,"score":103,"percentile":500},"2026-01-28",0.49041,{"date":502,"score":103,"percentile":503},"2026-01-29",0.49034,{"date":505,"score":103,"percentile":506},"2026-01-30",0.49042,{"date":508,"score":103,"percentile":509},"2026-01-31",0.49049,{"date":511,"score":103,"percentile":371},"2026-02-01",[513],{"source":107,"cvss_v2_0":514,"cvss_v3_0":9,"cvss_v3_1":519,"cvss_v4_0":9},{"baseScore":515,"baseSeverity":9,"vectorString":516,"impactScore":517,"exploitabilityScore":518},1.9,"AV:L/AC:M/Au:N/C:P/I:N/A:N",2.9,3.4,{"baseScore":105,"baseSeverity":520,"vectorString":108,"impactScore":521,"exploitabilityScore":522},"MEDIUM",6,2.6,[524],{"ecosystem":9,"name":525,"vendor":9,"product":525,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":526},"OpenSSL",[527,534,538,542,544,546],{"version":528,"is_range":529,"range_type":530,"version_start":531,"version_start_type":532,"version_end":533,"version_end_type":532,"fixed_in":9},"gte1.0.2_lte1.0.2s",true,"cpe","1.0.2","including","1.0.2s",{"version":535,"is_range":529,"range_type":530,"version_start":536,"version_start_type":532,"version_end":537,"version_end_type":532,"fixed_in":9},"gte1.1.0_lte1.1.0k","1.1.0","1.1.0k",{"version":539,"is_range":529,"range_type":530,"version_start":540,"version_start_type":532,"version_end":541,"version_end_type":532,"fixed_in":9},"gte1.1.1_lte1.1.1c","1.1.1","1.1.1c",{"version":543,"is_range":101,"range_type":113,"version_start":543,"version_start_type":532,"version_end":543,"version_end_type":532,"fixed_in":9},"Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c)",{"version":545,"is_range":101,"range_type":113,"version_start":545,"version_start_type":532,"version_end":545,"version_end_type":532,"fixed_in":9},"Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k)",{"version":547,"is_range":101,"range_type":113,"version_start":547,"version_start_type":532,"version_end":547,"version_end_type":532,"fixed_in":9},"Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)"]