Vulnerabilities > CVE-2019-25002 - Unspecified vulnerability in Sodiumoxide Project Sodiumoxide 0.2.3/0.2.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
sodiumoxide-project

Summary

An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.

Vulnerable Configurations

Part Description Count
Application
Sodiumoxide_Project
2