Description

The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.

INFO

Published Date :

2025-03-13T00:00:00.000Z

Last Modified :

2025-03-18T16:22:08.617Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2020-36843 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2020-36843.

URL Resource
https://eprint.iacr.org/2020/1244 cve-icon cve-icon
https://github.com/str4d/ed25519-java/issues/82#issue-727629226 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact