Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-36843

Опубликовано: 13 мар. 2025
Источник: debian
EPSS Низкий

Описание

The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libeddsa-javafixed0.3.0-2.1package

Примечания

  • https://github.com/str4d/ed25519-java/pull/82

EPSS

Процентиль: 6%
0.00025
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-36843

CVSS3: 4.3
ubuntu
11 месяцев назад

The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.

nvd логотип

CVE-2020-36843

CVSS3: 4.3
nvd
11 месяцев назад

The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.

suse-cvrf логотип

SUSE-SU-2025:1029-1

suse-cvrf
11 месяцев назад

Security update for ed25519-java

github логотип

GHSA-p53j-g8pw-4w5f

CVSS3: 4.3
github
11 месяцев назад

Ed25519 Signature Malleability in ed25519-java Due to Missing Scalar Range Check

EPSS

Процентиль: 6%
0.00025
Низкий