GHSA-V432-7F47-9G94 PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash

Description: PostQuantum-Feldman-VSS, a Python library implementing Feldman's Verifiable Secret Sharing scheme with post-quantum security, was vulnerable to denial-of-service attacks in versions up to and including 0.7.6b0. This vulnerability stems from the library's reliance on the gmpy2 library...

PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash

Description: PostQuantum-Feldman-VSS, a Python library implementing Feldman's Verifiable Secret Sharing scheme with post-quantum security, was vulnerable to denial-of-service attacks in versions up to and including 0.7.6b0. This vulnerability stems from the library's reliance on the gmpy2 library...

Allocation of Resources Without Limits or Throttling

Overview PostQuantum-Feldman-VSS is a Post-Quantum Secure Feldman's Verifiable Secret Sharing VSS in Python Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when performing arbitrary-precision calculations based on the GNU Multiple Precision...

Use of a Cryptographic Primitive with a Risky Implementation

Overview PostQuantum-Feldman-VSS is a Post-Quantum Secure Feldman's Verifiable Secret Sharing VSS in Python Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation due to inadequate countermeasures in secureredundantexecution. An attacker c...

Covert Timing Channel

Overview PostQuantum-Feldman-VSS is a Post-Quantum Secure Feldman's Verifiable Secret Sharing VSS in Python Affected versions of this package are vulnerable to Covert Timing Channel through the findsecurepivot and securematrixsolve functions. An attacker can extract secret information used in the...