Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32322

soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 8:2 p.m.5 views

EUVD-2026-11726

rs-soroban-sdk: Fr scalar field equality comparison bypasses modular reduction...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/13 8:2 p.m.5 views

rs-soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction

Security Advisory: Incorrect Equality for Fr Scalar Field Types BN254, BLS12-381 Summary Missing modular reduction in Fr causes incorrect equality comparisons for BN254 and BLS12-381 types in soroban-sdk. Impact The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values usin...

5.3CVSS5.9AI score0.00279EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.6 views

rs-soroban-sdk 安全漏洞

rs-soroban-sdk is a Rust development toolkit open sourced by Stellar. Versions of rs-soroban-sdk prior to 22.0.11, 23.5.3, and 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the Fr type comparison values in BN254 and BLS12-381 were not subjected to...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 9:39 p.m.3 views

CVE-2026-32322

soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.7 views

openSUSE 16 Security Update : openCryptoki (openSUSE-SU-2026:20233-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20233-1 advisory. Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap...

6.8CVSS5.8AI score0.00237EPSS
Exploits1References6
Snyk
Snyk
added 2025/10/30 5:10 p.m.1 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

8.7CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/10/30 5:10 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

8.7CVSS7AI score
Exploits0References2
Rows per page
Query Builder