A vulnerability has been found in the ECDSA/EdDSA implementation of crypto++ up to 8.2.0, allowing for practical recovery of the long-term private key.
A vulnerability has been found in the ECDSA/EdDSA implementation of crypto++ up to 8.2.0, allowing for practical recovery of the long-term private key.
https://seclists.org/oss-sec/2019/q4/3 https://minerva.crocs.fi.muni.cz/ https://github.com/weidai11/cryptopp/issues/869 https://github.com/weidai11/cryptopp/pull/870/commits/80c59bcdb251043f27eef95a4f31224c4615c3ec https://github.com/weidai11/cryptopp/commit/c9ef9420e762