GHSA-6973-8887-87FF nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation

Impact SkipBlockProof::verify computes its quorum check using BitSet.len, then iterates BitSet indices and casts each usize index to u16 slot as u16 for slot lookup. If an attacker can get a SkipBlockProof verified where MultiSignature.signers contains out-of-range indices spaced by 65536, these...

EUVD-2021-24837

Malware in sbrugna...

CVE-2021-38385

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007...

CVE-2021-38385

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007...

openSUSE 15 Security Update : tor (openSUSE-SU-2021:1169-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1169-1 advisory. - Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification,...