29 matches found
PT-2026-49122
This crate provides Rust bindings to ML-KEM FIPS 203 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
PT-2026-49123
This crate provides shared trait definitions for the pqcrypto- ecosystem, which wraps C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604. As a result, this crate and the broader pqcrypto- ecosystem will no longer receive updates. Use...
CVE-2023-24025
CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022 in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector...
PQClean has a correctness error in HQC decapsulation
Impact A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treated as non-secret data. This results in an incorrect shared secret value being returned when the decapsulation...
Observable Timing Discrepancy in pypqc
Impact kyber512, kyber768, and kyber1024 on Mac OS \or when compiled with clang\ only: An attacker able to submit many decapsulation requests against a single private key, and to gain timing information about the decapsulation, could recover the private key. Proof-of-concept exploit exists for a...
PT-2023-19366 · Pqclean · Pqclean
Name of the Vulnerable Software and Affected Versions: PQClean version d03da30 Description: The issue allows universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector. This is related to CRYSTALS-DILITHIUM in Post-Quantum...
PQClean 数据伪造问题漏洞
PQClean is a clean, portable, and tested implementation of post-quantum cryptography. PQClean suffers from a security vulnerability that stems from an intermediate data leak in vectors leading to the possibility of forging digital signatures...
CVE-2023-24025
CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022 in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector...
CVE-2023-24025
CVE-2023-24025 concerns the PQClean implementation of CRYSTALS-DILITHIUM (version vector d03da30) where an intermediate data leak in a single vector can enable universal forgeries of digital signatures. The issue is tied to the CRYSTALS-DILITHIUM component used within PQClean, not to a broader pr...