Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Algorithms compute incorrect results in blake2 Critical
CVE-2019-16143 was published for blake2 (Rust) Aug 25, 2021
Incorrect implementation of the Streebog hash functions in streebog High
CVE-2019-25006 was published for streebog (Rust) Aug 25, 2021
Incorrect hash in sha2 Critical
CVE-2021-45696 was published for sha2 (Rust) Jan 6, 2022
Incorrect MAC key used in the RC4-MD5 ciphersuite Moderate
CVE-2022-1434 was published for openssl-src (Rust) May 4, 2022
pinkforest
AES OCB fails to encrypt some bytes High
CVE-2022-2097 was published for openssl-src (Rust) Jul 6, 2022
another-rex
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders Moderate
CVE-2024-22192 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential Moderate
CVE-2024-21670 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
cggmp21-keygen has ambiguous challenge derivation Low
GHSA-7jjx-3qw9-j6h6 was published for cggmp21-keygen (Rust) Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation Low
GHSA-rm66-9gh4-4gp8 was published for cggmp21 (Rust) Nov 12, 2024
paillier-zk has ambiguous challenge derivation Low
GHSA-fpr5-jp2j-4q2f was published for paillier-zk (Rust) Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API