CVE-2019-16753

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16753

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16753.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-16753

Published

2019-12-04T20:15:12.667Z

Modified

2025-11-14T09:21:15.692772Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatures in some cases (or even the reuse of signatures, intended for one type of message, for another type). This also affects Private Instant Verified Transactions (PIVX) through 3.4.0.

References

https://officialdapscoin.com/wp-content/uploads/2019/09/DAPS-Coin-Final-Security-Audit-Red4Sec-2019.pdf

Affected packages

Git / github.com/pivx-project/pivx

Affected ranges

Type: GIT
Repo: https://github.com/pivx-project/pivx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

78e7e46fa8101a5576c6909d4edb0d9ce60ef44d

Affected versions

2.*

2.0.0.0

3.*

3.0.5.1-branchpoint

Other

noversion

v0.*

v0.1.5

v0.1.6test1

v0.10.0

v0.10.0rc1

v0.10.0rc2

v0.10.0rc3

v0.10.0rc4

v0.10.1

v0.10.1rc1

v0.10.1rc2

v0.10.1rc3

v0.10.2

v0.10.2rc1

v0.11.0.0

v0.11.0.1

v0.11.0.10

v0.11.0.11

v0.11.0.12

v0.11.0.13

v0.11.0.14

v0.11.0.2

v0.11.0.3

v0.11.0.4

v0.11.0.5

v0.11.0.6

v0.11.0.7

v0.11.0.8

v0.11.0.9

v0.11.1.0

v0.11.1.1

v0.11.1.10

v0.11.1.11

v0.11.1.13

v0.11.1.14

v0.11.1.15

v0.11.1.16

v0.11.1.17

v0.11.1.18

v0.11.1.19

v0.11.1.2

v0.11.1.20

v0.11.1.21

v0.11.1.22

v0.11.1.23

v0.11.1.24

v0.11.1.25

v0.11.1.3

v0.11.1.4

v0.11.1.5

v0.11.1.6

v0.11.1.7

v0.11.1.8

v0.11.1.9

v0.11.2.0

v0.11.2.1

v0.11.2.10

v0.11.2.11

v0.11.2.12

v0.11.2.13

v0.11.2.14

v0.11.2.15

v0.11.2.16

v0.11.2.17

v0.11.2.18

v0.11.2.18-debug

v0.11.2.19

v0.11.2.2

v0.11.2.20

v0.11.2.21

v0.11.2.22

v0.11.2.23

v0.11.2.3

v0.11.2.4

v0.11.2.5

v0.11.2.6

v0.11.2.7

v0.11.2.8

v0.11.2.9

v0.12.0.0

v0.12.0.44

v0.12.0.45

v0.12.0.46

v0.12.0.47

v0.12.0.48

v0.12.0.49

v0.12.0.50

v0.12.0.51

v0.12.0.52

v0.12.0.53

v0.12.0.55

v0.12.0.56

v0.2.0

v0.2.10

v0.2.11

v0.2.12

v0.2.13

v0.2.2

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.2rc2

v0.3.0

v0.3.1

v0.3.10

v0.3.11_notexact

v0.3.12

v0.3.13

v0.3.14

v0.3.15

v0.3.17

v0.3.18

v0.3.19

v0.3.1rc1

v0.3.2

v0.3.20

v0.3.20.01_closest

v0.3.20.2_closest

v0.3.21

v0.3.21rc

v0.3.22

v0.3.22rc1

v0.3.22rc2

v0.3.22rc3

v0.3.22rc4

v0.3.22rc5

v0.3.22rc6

v0.3.23

v0.3.23rc1

v0.3.24

v0.3.24rc1

v0.3.24rc2

v0.3.24rc3

v0.3.3

v0.3.6

v0.3.7

v0.3.8

v0.3rc1

v0.3rc2

v0.3rc4

v0.4.0

v0.4.00rc1

v0.4.00rc2

v0.5.0

v0.5.0rc1

v0.5.0rc2

v0.5.0rc3

v0.5.0rc4

v0.5.0rc5

v0.5.0rc6

v0.5.0rc7

v0.5.1

v0.5.1rc1

v0.5.1rc2

v0.6.0

v0.6.0rc1

v0.6.0rc2

v0.6.0rc3

v0.6.0rc4

v0.6.0rc5

v0.6.0rc6

v0.6.1

v0.6.1rc1

v0.6.1rc2

v0.7.0

v0.7.0rc1

v0.7.0rc2

v0.7.0rc3

v0.7.1

v0.7.1rc1

v0.8.0

v0.8.0rc1

v0.8.2

v0.8.2rc1

v0.8.2rc2

v0.8.2rc3

v0.9.0rc1

v0.9.0rc2

v0.9.2

v0.9.2.1

v0.9.2rc1

v0.9.2rc2

v0.9.3

v0.9.3rc1

v0.9.3rc2

v0.9.4

v1.*

v1.0.0.0

v1.0.1.0

v1.0.2.0

v1.0.2.1

v1.1.0.0

v1.1.0.1

v1.1.0.2

v2.*

v2.0.0.0

v2.0.1.0

v2.0.2.0

v2.0.3.0

v2.0.4.0

v2.0.5.0

v2.1.0.0

v2.1.1.0

v2.1.2.0

v2.1.2.1

v2.1.2.2

v2.1.2.3

v2.1.3.0

v2.1.3.1

v2.1.3.2

v2.1.3.3

v2.1.3.4

v2.1.4.0

v2.1.6

v2.1.7

v3.*

v3.4.0