OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
412fc10e86453aaab19c93fb852ca1fb730cf5e3
advisory-db/crates/streebog/RUSTSEC-2019-0030.md
Michael Kedar 088ec034cf Remove CVE-2020-25575 from RUSTSEC-2019-0030 aliases (#1815) 
RUSTSEC-2019-0030 doesn't seem to have anything to do with CVE-2020-25575
2023-11-02 13:03:48 +00:00

527 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2019-0030"
package = "streebog"
aliases = ["CVE-2019-25006", "CVE-2019-25007", "GHSA-39wr-f4ff-xm6p", "GHSA-gf93-h79q-6jjv"]
categories = ["crypto-failure"]
date = "2019-10-06"
url = "https://github.com/RustCrypto/hashes/pull/91"

[versions]
patched = [">= 0.8.0"]

Incorrect implementation of the Streebog hash functions

Internal update-sigma function was implemented incorrectly and depending on debug-assertions it could've caused an incorrect result or panic for certain inputs.