Sodiumoxide Project : Security Vulnerabilities, CVEs,
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.
Max CVSS
9.8
EPSS Score
0.22%
Published
2020-12-31
Updated
2021-01-14
sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys
Max CVSS
6.5
EPSS Score
0.15%
Published
2017-11-17
Updated
2019-10-03
2 vulnerabilities found