Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29483

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00183EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/07/28 11:37 p.m.4 views

SUSE CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS6.9AI score0.00183EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/07/28 3:31 a.m.8 views

Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...

5.9CVSS7.1AI score0.00183EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/28 2:15 a.m.6 views

UBUNTU-CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS5.8AI score0.00183EPSS
Exploits0References5
CVE
CVE
added 2025/07/28 12:0 a.m.25 views

CVE-2022-50237

The CVE-2022-50237 entry concerns the ed25519-dalek Rust crate prior to version 2. The Keypair implementation enables a double public key signing function oracle attack, enabling an attacker to compute/extract a private key from signatures. Reported impact includes confidentiality loss; CVSSv3.1 ...

5.9CVSS7.1AI score0.00183EPSS
Exploits0References3
Veracode
Veracode
added 2025/03/12 8:14 a.m.5 views

Double-signing Attack

github.com/strangelove-ventures/horcrux is vulnerable to a double-signing attack. The vulnerability is due to a race condition in signature state handling when two independent events occurring within the same microsecond, allowing unintended duplicate signatures and leads to unintended...

6.9AI score
Exploits0
OSV
OSV
added 2025/03/07 8:0 p.m.3 views

GHSA-6WXF-7784-62FP Horcrux Double Sign Possibility

Horcrux Incident Disclosure: Possible Double-Sign Summary On March 6, 2025, a Horcrux user 01node experienced a double-signing incident on the Osmosis network, resulting in a 5% slash penalty approximately 75,000 OSMO or $20,000 USD. After thorough investigation, we have identified a race conditi...

8.7CVSS7AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/03/07 8:0 p.m.9 views

Horcrux Double Sign Possibility

Horcrux Incident Disclosure: Possible Double-Sign Summary On March 6, 2025, a Horcrux user 01node experienced a double-signing incident on the Osmosis network, resulting in a 5% slash penalty approximately 75,000 OSMO or $20,000 USD. After thorough investigation, we have identified a race conditi...

7AI score
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/11 12:0 a.m.4 views

PT-2025-31036 · Unknown · Ed25519-Dalek

Name of the Vulnerable Software and Affected Versions: ed25519-dalek crate versions prior to 2 Description: The ed25519-dalek crate for Rust contains a flaw that allows a double public key signing function oracle attack. The Keypair implementation can lead to the extraction of a private key...

5.9CVSS6.2AI score0.00183EPSS
Exploits0References13
Rows per page
Query Builder