Home > Vulnerability Database > WS-2019-0120

WhiteSource Vulnerability Database

New vulnerability? Tell us about it!

WS-2019-0120

Good to know:

Date: May 15, 2019

Affected versions of libp2p-core did not properly verify ed25519 signatures. Any signature with a correct length was considered valid.

Language: RUST

Severity Score

0.0

Related Resources (2)

Url: https://rustsec.org/advisories/RUSTSEC-2019-0004

Url: https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0120

Weakness Type (CWE)

Improper Verification of Cryptographic Signature

CWE-347

Top Fix

Upgrade Version

Upgrade to version 0.7.1, 0.8.1

Do you need more information?

Contact Us