Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-55212

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00183EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29483

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00183EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation fo...

5.9CVSS5.4AI score0.00183EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/28 11:37 p.m.3 views

SUSE CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS6.9AI score0.00183EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/28 10:21 a.m.5 views

CVE-2022-50237

A flaw was found in ed25519-dalek. The Keypair implementation allows an attacker to compute a private key by observing signatures generated with corresponding public keys. This public key signing function oracle attack does not require authentication. An unauthenticated attacker can extract the...

5.9CVSS5.9AI score0.00183EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/07/28 3:31 a.m.8 views

Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...

5.9CVSS7.1AI score0.00183EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/28 3:31 a.m.3 views

GHSA-G693-V3JR-8HCR Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...

5.9CVSS6.1AI score0.00183EPSS
Exploits0References4
NVD
NVD
added 2025/07/28 2:15 a.m.7 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS0.00183EPSS
Exploits0References3
OSV
OSV
added 2025/07/28 2:15 a.m.5 views

UBUNTU-CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS5.8AI score0.00183EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/28 12:0 a.m.4 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS6.2AI score0.00183EPSS
Exploits0References3
CVE
CVE
added 2025/07/28 12:0 a.m.25 views

CVE-2022-50237

The CVE-2022-50237 entry concerns the ed25519-dalek Rust crate prior to version 2. The Keypair implementation enables a double public key signing function oracle attack, enabling an attacker to compute/extract a private key from signatures. Reported impact includes confidentiality loss; CVSSv3.1 ...

5.9CVSS7.1AI score0.00183EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/28 12:0 a.m.12 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

ed25519-dalek crate 安全漏洞

ed25519-dalek crate is a Rust library from dalek cryptography open source. A security vulnerability exists in versions prior to ed25519-dalek crate 2, which stems from a dual public key signing function leading to private key extraction...

5.9CVSS6.4AI score0.00183EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/07/28 12:0 a.m.6 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS5.2AI score0.00183EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/11/07 11:44 p.m.26 views

rusty_paseto vulnerable to private key extraction due to ed25519-dalek dependency

Impact The vulnerability, known as RUSTSEC-2022-0093, impacts the ed25519-dalek crate, which is a dependency of the rusty-paseto crate. This issue arises from a "Double Public Key Signing Function Oracle Attack" affecting versions of ed25519-dalek prior to v2.0. These versions expose an unsafe AP...

6.5AI score
Exploits0References5Affected Software1
OSV
OSV
added 2023/11/07 11:44 p.m.13 views

GHSA-J57R-4QW6-58R3 rusty_paseto vulnerable to private key extraction due to ed25519-dalek dependency

Impact The vulnerability, known as RUSTSEC-2022-0093, impacts the ed25519-dalek crate, which is a dependency of the rusty-paseto crate. This issue arises from a "Double Public Key Signing Function Oracle Attack" affecting versions of ed25519-dalek prior to v2.0. These versions expose an unsafe AP...

6.5AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.6 views

PT-2023-33034 · Unknown · Rusty-Paseto +1

Name of the Vulnerable Software and Affected Versions: ed25519-dalek versions prior to 2.0 rusty-paseto versions prior to 0.6.0 Description: The issue arises from a "Double Public Key Signing Function Oracle Attack" affecting the ed25519-dalek crate, which is a dependency of the rusty-paseto crat...

7AI score
Exploits0References6
vulnersOsv
vulnersOsv
added 2023/08/14 9:10 p.m.5 views

NT-anchor-spl (>=0.19.0 <=0.19.5), NT-anchor-spl-testnet (=0.19.2) +1606 more potentially affected by CVE-2022-50237 via ed25519-dalek (>=0.9.1 <=2.0.0-pre.0)

ed25519-dalek CARGO version =0.9.1, =0.19.0, =0.4.2, =0.2.0-beta.4, =0.1.0, =0.1.1, =0.1.0, =1.0.5, =0.0.0-alpha, =0.0.1-alpha.1, =0.5.0, =0.5.2, =0.8.0, =0.8.0, =0.8.9 and more Source cves: CVE-2022-50237 Source advisory: OSV:GHSA-W5VR-6QHR-36CC...

5.9CVSS5.7AI score0.00183EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/08/14 9:10 p.m.19 views

`ed25519-dalek` Double Public Key Signing Function Oracle Attack

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

5.9CVSS6.1AI score0.00183EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/08/14 9:10 p.m.21 views

GHSA-W5VR-6QHR-36CC `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

5.9CVSS6.1AI score0.00183EPSS
Exploits0References4
Rows per page
Query Builder