Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0268

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00317EPSS
Exploits0References4
prion
prion
added 2024/01/16 10:15 p.m.21 views

Design/Logic Flaw

Ursa is a cryptographic library for use with blockchains. The revocation scheme that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model. Notably, a malicious verifier may be able to generate a...

4.3CVSS7AI score0.00317EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/01/16 9:44 p.m.5 views

CVE-2024-22192 Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders

Ursa is a cryptographic library for use with blockchains. The revocation scheme that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model. Notably, a malicious verifier may be able to generate a...

6.5CVSS7AI score0.00317EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/01/16 9:44 p.m.20 views

CVE-2024-21670 CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential

Ursa is a cryptographic library for use with blockchains. The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to...

6.5CVSS6.7AI score0.00276EPSS
Exploits0References1
cvelist
cvelist
added 2024/01/16 9:44 p.m.48 views

CVE-2024-21670 CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential

Ursa is a cryptographic library for use with blockchains. The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to...

6.5CVSS8.2AI score0.00276EPSS
Exploits0References1
github
github
added 2024/01/16 9:13 p.m.35 views

Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders

Summary The revocation scheme that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model. Notably, a malicious verifier may be able to generate a unique identifier for a holder providing a...

6.5CVSS6.7AI score0.00317EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder