7 matches found
EUVD-2025-29440
Malicious code in bioql PyPI...
Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references. Original Description The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is...
GHSA-4HFF-HH47-7788 Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x4gp-pqpj-f43q. This link is maintained to preserve external references. Original Description The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is...
GHSA-X4GP-PQPJ-F43Q curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...
curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...
RUSTSEC-2024-0344 Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...
Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...