GHSA-rm66-9gh4-4gp8

Опубликовано: 12 нояб. 2024

Источник: github

Github: Прошло ревью

CVSS4: 2.7

Описание

cggmp21 vulnerable to ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability (however, it's unknown if it could be exploited).

Ссылки

https://github.com/dfns/cggmp21/pull/103
https://rustsec.org/advisories/RUSTSEC-2024-0393.html

Пакеты

Наименование

cggmp21

rust

Затронутые версииВерсия исправления

< 0.4.0

0.4.0

2.7 Low

CVSS4

Дефекты

CWE-327

2.7 Low

CVSS4

Дефекты

CWE-327