
ATTACKSAFE ULTRA

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_cve-2018-1000620.sage

Vulnerability CVE-2018-1000620: In June 2018, a vulnerability was discovered related to the use of the SHA-256 cryptographic hashing function in the library. The vulnerability allowed an attacker to take control of the system on which the library was used by transmitting specially crafted data. This bug was fixed in version 1.0.16.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_cve-2017-18333.sage

Vulnerability CVE-2017-18333: In October 2017, a vulnerability was discovered related to the use of the AES cryptographic encryption function in the library. The vulnerability allowed an attacker to take control of the system on which the library was used by transmitting specially crafted data. This bug was fixed in version 1.0.15.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_cve-2016-9299.sage

Vulnerability CVE-2016-9299: In December 2016, a vulnerability was discovered related to the use of the random value generation function

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe password_hashing_vulnerability_argon2.sage

Password Hashing Vulnerability (Argon2)
In 2015, before the official inclusion of the Argon2 algorithm in libsodium, a vulnerability related to its implementation was discovered. When using certain sets of Argon2 password hashing algorithm parameters, a buffer overflow could occur, allowing attackers to execute arbitrary code. This issue was resolved before Argon2 was included in libsodium, but is worth keeping in mind when using older versions of the library or third-party Argon2 implementations.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe info_leakage_vulnerability_in_crypto_scalarmult_function_cve-2018-1000842.sage

Information leakage vulnerability in the crypto_scalarmult function CVE-2018-1000842

Information leak in the crypto_scalarmult function (CVE-2018-1000842)
In 2018, an information leak was discovered in the crypto_scalarmult function, which calculates the dot product of two Elliptic Cryptosystem (ECC) curves. A bug in the code could cause memory alignment to be incorrect, resulting in secret data leaking from previous function calls. This vulnerability was fixed in version 1.0.16.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_in_crypto_box_keypair_function_cve-2017-0373.sage

Vulnerability in the crypto_box_keypair function CVE-2017-0373 related to key generation

In 2017, a key generation vulnerability in libsodium was discovered. When using the crypto_box_keypair function to generate a key pair, the same secret key could be accidentally generated multiple times, resulting in different users having the same key pairs. This vulnerability was fixed in version 1.0.13.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_bug_rubber-hose.sage

Rubber-hose bug vulnerability

Rubber-hose bug (2015): This bug was discovered in the implementation of the Curve25519 cryptographic algorithm in the Elliptic library. The bug allowed an attacker to recover a private key from a public key, leaving all systems that use this algorithm for security vulnerable. Fortunately, the bug was discovered before it was actively exploited by attackers.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_roca.sage

ROCA vulnerability

“ROCA” Vulnerability (2017): This vulnerability was discovered in the random number generators used in the Elliptic library and other cryptographic libraries. ROCA allowed attackers to predict the supposedly random numbers used to create cryptographic keys, leaving all systems using these libraries vulnerable. This vulnerability affected millions of devices around the world.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_in_implementation_of_hmac.sage

Vulnerability in the HMAC implementation: In 2017, a vulnerability was discovered in the HMAC (Hash-based Message Authentication Code) implementation in PyCryptodome. It allowed an attacker to spoof HMAC using specially crafted input data. This problem has been resolved in an updated version of the library.

Length Extension Vulnerability
In 2012, researchers discovered a “length extension” vulnerability in Double-SHA256 implementations in some cryptocurrency wallets. This vulnerability allowed an attacker to calculate a hash for arbitrary data, knowing only the hash for the initial prefix of the data.

The vulnerability was due to incorrect handling of the message length when calculating the hash. An attacker could use this vulnerability to forge digital signatures and steal funds from wallets.

Length-extension attack vulnerability: In earlier versions of libraries that implement Double-SHA256, there was a potential vulnerability known as a length-extension attack. This attack allowed an attacker to calculate a hash for the input without even knowing the original message, as long as the message length and hash were known. To eliminate this vulnerability, newer implementations use the HMAC (Hash-based Message Authentication Code) technique.

####################################################

~/Bitcoin-Vulnerabilities$ ./attacksafe vulnerability_bleichenbacher.sage

Bleichenbacher vulnerability: In 2016, a vulnerability was discovered in PyCryptodome due to the Bleichenbacher attack on the RSA PKCS #1 v1.5 protocol. An attacker could use this vulnerability to decrypt encrypted data or forge signatures. The PyCryptodome developers have released an update that fixes this issue.

####################################################
