Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/04 6:6 a.m.7 views

Security Bulletin: IBM Edge Data Collector usescurve25519-dalek-3.2.0.crate which is vulnerable to CVE-2024-58262.

Summary IBM Edge Data Collector usescurve25519-dalek-3.2.0.crate which is vulnerable to CVE-2024-58262. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2024-58262 DESCRIPTION: The curve25519-dalek crate before 4.1.3 for Rust has a constant-time...

5.1CVSS6.8AI score0.00152EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-54823

Malicious code in bioql PyPI...

5.1CVSS6.3AI score0.00152EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29440

Malicious code in bioql PyPI...

5.1CVSS6.3AI score0.00152EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/07/28 11:32 p.m.5 views

SUSE CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

5.1CVSS7AI score0.00152EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/28 8:20 a.m.15 views

CVE-2024-58262

A flaw was found in curve25519-dalek. The crate’s implementation of constant-time operations on elliptic curve scalars lacks proper LLVM optimization, potentially revealing information about the scalar's bits. A local attacker can observe timing differences during scalar operations. This...

5.1CVSS5.7AI score0.00152EPSS
Exploits0References6
OSV
OSV
added 2025/07/27 9:32 p.m.5 views

GHSA-4HFF-HH47-7788 Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references. Original Description The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is...

2.9CVSS6.2AI score0.00152EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/07/27 9:32 p.m.10 views

Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references. Original Description The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is...

5.1CVSS7.1AI score0.00152EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/07/27 8:15 p.m.5 views

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

5.1CVSS0.00152EPSS
Exploits0References3
OSV
OSV
added 2025/07/27 8:15 p.m.3 views

DEBIAN-CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

5.1CVSS5.3AI score0.00152EPSS
Exploits0References1
OSV
OSV
added 2025/07/27 8:15 p.m.5 views

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

5.1CVSS6.2AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/27 8:15 p.m.6 views

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

5.1CVSS5.9AI score0.00152EPSS
Exploits0References4
CVE
CVE
added 2025/07/27 12:0 a.m.50 views

CVE-2024-58262

The CVE-2024-58262 issue affects the curve25519-dalek Rust crate prior to version 4.1.3, where a constant-time operation on elliptic curve scalars is removed by LLVM. This timing-related behavior can impact confidentiality and is classified with a MEDIUM severity (NVD CVSS 3.1: 5.1). Public refer...

5.1CVSS6.7AI score0.00152EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/07/27 12:0 a.m.9 views

curve25519-dalek crate 安全漏洞

curve25519-dalek crate is a Rust library from dalek cryptography open source. A security vulnerability exists in curve25519-dalek crate versions prior to 4.1.3, which stems from the possibility of disclosing private keys and other secrets...

5.1CVSS6.4AI score0.00152EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/06/18 9:56 p.m.6 views

LicenseStore (=0.1.0), NT-anchor-lang (=0.19.0) +2866 more potentially affected by CVE-2024-58262 via curve25519-dalek (>=1.1.3 <=4.1.0)

curve25519-dalek CARGO version =1.1.3, =0.19.0, =0.4.1, =0.2.4, =0.13.0, =0.16.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0-beta.4, =0.2.0-beta.4, =0.13.0, =0.16.5, =0.16.7 and more Source cves: CVE-2024-58262 Source advisory: OSV:GHSA-X4GP-PQPJ-F43Q...

5.1CVSS5.7AI score0.00152EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/06/18 9:56 p.m.25 views

curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

5.1CVSS6.2AI score0.00152EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/06/18 9:56 p.m.32 views

GHSA-X4GP-PQPJ-F43Q curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

2.9CVSS6.2AI score0.00152EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/06/18 12:0 p.m.5 views

LicenseStore (=0.1.0), NT-anchor-lang (=0.19.0) +2866 more potentially affected by CVE-2024-58262 via curve25519-dalek (>=1.1.3 <=4.1.0)

curve25519-dalek CARGO version =1.1.3, =0.19.0, =0.4.1, =0.2.4, =0.13.0, =0.16.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0-beta.4, =0.2.0-beta.4, =0.13.0, =0.16.5, =0.16.7 and more Source cves: CVE-2024-58262 Source advisory: OSV:RUSTSEC-2024-0344...

5.1CVSS5.7AI score0.00152EPSS
Exploits0
OSV
OSV
added 2024/06/18 12:0 p.m.35 views

RUSTSEC-2024-0344 Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

5.1CVSS7.2AI score0.00152EPSS
Exploits0References3
RustSec
RustSec
added 2024/06/18 12:0 p.m.6 views

Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

5.1CVSS7.2AI score0.00152EPSS
Exploits0Affected Software1
Rows per page
Query Builder