CVE-2020-11713: Use of a Broken or Risky Cryptographic Algorithm
(updated )
wolfSSL has mulmod code in wc_ecc_mulmod_ex
in ecc.c
that does not properly resist timing side-channel attacks.
References
Detect and mitigate CVE-2020-11713 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →