CVE-2024-58262

CVSS v3.1

5.1

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions curve25519-dalek crate versions prior to 4.1.3

Description The curve25519-dalek crate contains a constant-time operation on elliptic curve scalars that is removed by LLVM.

Recommendations Update to version 4.1.3 or later.

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

BDU:2026-00107

CVE-2024-58262

GHSA-4HFF-HH47-7788

GHSA-X4GP-PQPJ-F43Q

RUSTSEC-2024-0344

Curve25519-Dalek