2 matches found
sm-crypto Affected by Signature Forgery in SM2-DSA
Summary A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the messag...
GHSA-HPWG-XG7M-3P6M sm-crypto Affected by Signature Forgery in SM2-DSA
Summary A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the messag...