8 matches found
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
EUVD-2026-11726
rs-soroban-sdk: Fr scalar field equality comparison bypasses modular reduction...
rs-soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
Security Advisory: Incorrect Equality for Fr Scalar Field Types BN254, BLS12-381 Summary Missing modular reduction in Fr causes incorrect equality comparisons for BN254 and BLS12-381 types in soroban-sdk. Impact The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values usin...
rs-soroban-sdk 安全漏洞
rs-soroban-sdk is a Rust development toolkit open sourced by Stellar. Versions of rs-soroban-sdk prior to 22.0.11, 23.5.3, and 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the Fr type comparison values in BN254 and BLS12-381 were not subjected to...
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
openSUSE 16 Security Update : openCryptoki (openSUSE-SU-2026:20233-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20233-1 advisory. Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...