{"id":"CVE-2020-36843","details":"The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability under Chosen Message Attacks) property. This allows attackers to create new valid signatures different from previous signatures for a known message.","aliases":["GHSA-p53j-g8pw-4w5f"],"modified":"2026-04-10T04:26:03.447256Z","published":"2025-03-13T06:15:34.043Z","related":["CGA-mx9v-ggh6-gw62","SUSE-SU-2025:1029-1","openSUSE-SU-2025:14892-1"],"references":[{"type":"WEB","url":"https://eprint.iacr.org/2020/1244"},{"type":"REPORT","url":"https://github.com/str4d/ed25519-java/issues/82#issue-727629226"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/str4d/ed25519-java","events":[{"introduced":"0"},{"last_affected":"7c26a6312c2d2e887210930698706103e0f2da7d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.3.0"}]}}],"versions":["v0.1.0","v0.3.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36843.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}]}