29 matches found
GHSA-MPMC-QCHH-R9Q8 Altcha Proof-of-Work obfuscation mode cryptanalytic break
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction...
@levo-so/react (>=0.1.15 <=0.1.43), @levo-so/react-collection (>=0.0.1 <=0.1.86) +2 more potentially affected by CVE-2025-65849 via altcha (>=1.0.7 <=2.0.2)
altcha NPM version =1.0.7, =0.1.15, =0.0.1, =0.1.91, =0.0.23, =0.0.34 Source cves: CVE-2025-65849 Source advisory: SNYK:JS-ALTCHA-14236435...
Inadequate Encryption Strength
Overview org.webjars.npm:altcha is a Privacy-first CAPTCHA widget, compliant with global regulations GDPR/HIPAA/CCPA/LGDP/DPDPA/PIPL and WCAG accessible. No tracking, self-verifying. Affected versions of this package are vulnerable to Inadequate Encryption Strength in the Proof of Work obfuscatio...
CVE-2025-65849
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...
CVE-2025-65849
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...
CVE-2025-65849
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...
CVE-2025-65849
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated...
ALTCHA 安全漏洞
ALTCHA is a self-hosted CAPTCHA software from ALTCHA Open Source. A security vulnerability exists in ALTCHA that stems from a cryptanalysis flaw that could lead to the recovery of random numbers through mathematical derivation...
PT-2025-49588
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction...