5 matches found
EUVD-2024-2372
Malicious code in bioql PyPI...
GHSA-J8CM-G7R6-HFPQ vodozemac's usage of non-constant time base64 decoder could lead to leakage of secret key material
Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...
vodozemac's usage of non-constant time base64 decoder could lead to leakage of secret key material
Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...
RUSTSEC-2024-0354 Usage of non-constant time base64 decoder could lead to leakage of secret key material
Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...
Usage of non-constant time base64 decoder could lead to leakage of secret key material
Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...