Astra Linux – Vulnerability in Botan
Botan is a C++ cryptography library. Starting from version 2.3.0 and before version 3.11.0, during SM2 decryption, the code responsible for checking the authentication code value C3 failed to verify that the encoded value had the expected length before comparison. An invalid ciphertext could lead...