RUSTSEC-2026-0072

Source
https://rustsec.org/advisories/RUSTSEC-2026-0072
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0072.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2026-0072
Aliases
Published
2026-02-04T12:00:00Z
Modified
2026-03-24T08:41:23.142103Z
Summary
Missing Check for All-Zero X25519 Shared Secret
Details

Computing an X25519 shared secret with x25519_dalek::StaticSecret::diffie_hellman does not include the check that the key exchange was contributory, i.e. does not ensure on its own that the resulting shared secret is non-zero.

Impact

RFC 9180 mandates that HPKE implementations check for an all-zero Diffie-Hellman shared secret and abort if one is found.

Applications using hpke-rs with the RustCrypto provider would not perform this check, allowing non-contributory Diffie-Hellman shared secrets. Applications using hpke-rs with the libcrux provider are not affected.

Mitigation

Starting with version 0.6.0, an error will be returned when the computed Diffie-Hellman shared secret is all-zero.

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / hpke-rs-rust-crypto

Package

Name
hpke-rs-rust-crypto
Purl
pkg:cargo/hpke-rs-rust-crypto

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.6.0

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "arch": [],
        "functions": [
            "hpke_rs_rust_crypto::HpkeRustCrypto::dh"
        ],
        "os": []
    }
}

Database specific

categories
[]
source
"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0072.json"
informational
null
cvss
null