crates.io package
ed25519-dalek
pkg:cargo/ed25519-dalek
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50237 | Med | 5.9 | < 2.0.0 | 2.0.0 | Jul 28, 2025 | The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key. |
- affected < 2.0.0fixed 2.0.0
The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key.