2 matches found
nostr-dvm (=0.7.14) potentially affected by CVE-2025-65548 via cashu (=0.16.0)
cashu PYPI version =0.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on cashu and may be impacted: - nostr-dvm =0.7.14 Source cves: CVE-2025-65548 Source advisory: OSV:PYSEC-2025-89...
PT-2025-49415
Name of the Vulnerable Software and Affected Versions nutshell cashubtc/nuts versions prior to 0.18.0 Description The software allows cashu tokens to be created with a preimage hash. However, it does not validate the size of the preimage when the token is spent, prior to version 0.18.0. This allo...