The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| net.i2p.crypto:eddsa(Maven) | 0 | N/A | N/A |
| net.i2p:i2p(Maven) | 0 | 0.9.39 | N/A |
CVSS Metrics
