CVE-2022-50237

Published
View on NVD ↗
CVSS v3
5.9
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key.

ed25519-dalek
ed25519-dalek
Fast and efficient ed25519 EdDSA key generations, signing, and verification in pure Rust.
Crates.ioCrates.io
159M
MystenLabs/ed25519-unsafe-libs
MystenLabs/ed25519-unsafe-libs
List of unsafe ed25519 signature libs
GitHubGitHub
249