Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-36062

Malicious code in bioql PyPI...

7.5CVSS5.9AI score0.00515EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.8 views

CVE-2024-37880

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with some common optimization options, has a timing side channel that allows attackers to recover an ML-KEM 512 secret key in minutes. This occurs because polyfrommsg in poly.c does not prevent Clang from...

7.5CVSS6.8AI score0.00696EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/10 12:47 p.m.24 views

CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...

5.9CVSS6.9AI score0.00515EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/10 12:47 p.m.60 views

CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...

5.9CVSS0.00515EPSS
Exploits0References4
CVE
CVE
added 2024/06/10 12:47 p.m.84 views

CVE-2024-36405

CVE-2024-36405 affects the liboqs reference Kyber KEM implementation. A control-flow timing leak arises when the Kyber KEM is compiled with Clang 15–18 under certain options (including -Os and -O1), enabling a local attacker to measure decapsulation timings and recover the entire ML-KEM 512 secre...

7.5CVSS5.7AI score0.00515EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2024/06/10 12:47 p.m.13 views

CVE-2024-36405

Removed by vendor...

7.5CVSS6.7AI score0.00515EPSS
Exploits0
NVD
NVD
added 2024/06/10 2:15 a.m.26 views

CVE-2024-37880

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with some common optimization options, has a timing side channel that allows attackers to recover an ML-KEM 512 secret key in minutes. This occurs because polyfrommsg in poly.c does not prevent Clang from...

7.5CVSS0.00696EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.10 views

PT-2024-4342 · Liboqs +1 · Liboqs +1

Name of the Vulnerable Software and Affected Versions: liboqs versions prior to 0.10.1 Description: A control-flow timing issue has been identified in the reference implementation of the Kyber key encapsulation mechanism in liboqs, a C-language cryptographic library that provides implementations ...

8.2CVSS6.5AI score0.00515EPSS
Exploits0References38
Cvelist
Cvelist
added 2024/06/10 12:0 a.m.33 views

CVE-2024-37880

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with some common optimization options, has a timing side channel that allows attackers to recover an ML-KEM 512 secret key in minutes. This occurs because polyfrommsg in poly.c does not prevent Clang from...

0.00696EPSS
Exploits1References5
CVE
CVE
added 2024/06/10 12:0 a.m.37 views

CVE-2024-37880

The CVE affects the Kyber reference implementation prior to 9b8d306. The vulnerability is a timing side channel where poly_frommsg in poly.c can yield a vulnerable secret-dependent branch when compiled with LLVM Clang (through 18.x) with common optimizations, enabling attackers to recover an ML-K...

7.5CVSS6.4AI score0.00696EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder