CNNVD-202507-3470 Information

CNNVD ID

CNNVD-202507-3470

Related CVE

CVE-2022-50237

• CNNVD Published: 2025-07-28

Description (Chinese)

ed25519-dalek crate是dalek cryptography开源的一个Rust库。 ed25519-dalek crate 2之前版本存在安全漏洞，该漏洞源于双公钥签名函数导致私钥提取。

Description (English)

ed25519-dalek Krate is a Rust bank from the open source of Dalek cryptoprophy. ed 25519-dalek crime 2 has a security loophole, which stems from the dual public key signature function, which leads to the private key extraction.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

dalek cryptography

Published

2025-07-28

Last Modified

2026-02-24

References

https://crates.io/crates/ed25519-dalek https://github.com/MystenLabs/ed25519-unsafe-libs https://rustsec.org/advisories/RUSTSEC-2022-0093.html https://access.redhat.com/security/cve/cve-2022-50237

Patch

https://rustsec.org/advisories/RUSTSEC-2022-0093.html