PT-2025-31017 · Unknown · Curve25519-Dalek
Published
2024-06-18
·
Updated
2025-08-07
·
CVE-2024-58262
CVSS v3.1
5.1
Medium
| AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
curve25519-dalek crate versions prior to 4.1.3
Description
The curve25519-dalek crate contains a constant-time operation on elliptic curve scalars that is removed by LLVM.
Recommendations
Update to version 4.1.3 or later.
Fix
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Curve25519-Dalek