PT-2025-31017 · Unknown · Curve25519-Dalek

Published

2024-06-18

·

Updated

2025-08-07

·

CVE-2024-58262

CVSS v3.1

5.1

Medium

VectorAV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions curve25519-dalek crate versions prior to 4.1.3
Description The curve25519-dalek crate contains a constant-time operation on elliptic curve scalars that is removed by LLVM.
Recommendations Update to version 4.1.3 or later.

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-00107
CVE-2024-58262
GHSA-4HFF-HH47-7788
GHSA-X4GP-PQPJ-F43Q
RUSTSEC-2024-0344

Affected Products

Curve25519-Dalek