CVE-2024-58262
LOWDescription
The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM.
CVSS v3.1 Score
2.9
LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Type (CWE)
CWE-733
CWE-733
Affected Products
| Vendor | Product |
|---|---|
| dalek | curve25519-dalek |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-58262? +
The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM. It has a CVSS v3.1 base score of 2.9 (LOW).
How severe is CVE-2024-58262? +
CVE-2024-58262 has a CVSS v3.1 score of 2.9 out of 10, rated LOW. This is a low-severity vulnerability with limited impact.
What products are affected by CVE-2024-58262? +
CVE-2024-58262 affects products from dalek, specifically: curve25519-dalek. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-58262? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.
Related Vulnerabilities
CVE-2025-13024
9.8
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 145 and Thunderbird 145.
CVE-2025-52496
7.8
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be …
CVE-2025-20241
7.4
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and …