GHSA-fpr5-jp2j-4q2f

Опубликовано: 12 нояб. 2024

Источник: github

Github: Прошло ревью

CVSS4: 2.7

Описание

paillier-zk has ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability (however, it's unknown if it could be exploited).

Ссылки

https://github.com/dfns/paillier-zk/pull/49
https://rustsec.org/advisories/RUSTSEC-2024-0391.html

Пакеты

Наименование

paillier-zk

rust

Затронутые версииВерсия исправления

< 0.4.0

0.4.0

2.7 Low

CVSS4

Дефекты

CWE-327

2.7 Low

CVSS4

Дефекты

CWE-327