CVE-2025-58359 | ZcashFoundation frost up to 2.1.x refresh missing cryptographic step (GHSA-wgq8-vr6r-mqxm)

Inserito da Angelo Barbosa | Set 5, 2025 | CVE

A vulnerability categorized as problematic has been discovered in ZcashFoundation frost up to 2.1.x. This issue affects the function frost_core::keys::refresh. The manipulation results in missing cryptographic step.

This vulnerability is reported as CVE-2025-58359. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-58359 | ZcashFoundation frost up to 2.1.x refresh missing cryptographic step (GHSA-wgq8-vr6r-mqxm)

Post correlati

CVE-2024-0571 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setSmsCfg text stack-based overflow

CVE-2023-25699 | VideoWhisper Live Streaming Integration Plugin up to 5.5.15 on WordPress os command injection

CVE-2024-44450 | AIMS eCrew prior JUN23 #190 authorization

CVE-2025-49014 | jqlang jq 1.8.0 /src/builtin.c f_strflocaltime use after free (GHSA-rmjp-cr27-wpg2)