PT-2025-31017 · Unknown · Curve25519-Dalek
Published
2024-06-18
·
Updated
2025-07-27
·
CVE-2024-58262
Published
2024-06-18
·
Updated
2025-07-27
·
CVE-2024-58262
2.9
Low
| Base vector | Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
curve25519-dalek crate versions prior to 4.1.3
Description:
The curve25519-dalek crate contains a constant-time operation on elliptic curve scalars that is removed by LLVM.
Recommendations:
Update to version 4.1.3 or later.
Fix
Side Channel Attack