9 matches found
SUSE CVE-2023-1732
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
Insecure Randomness
github.com/cloudflare/circl is vulnerable to Insecure Randomness. Kyber and FrodoKEM did not check whether crypto/rand.Read returned an error, leading to a predictable shared secret. The tkn20 and blindrsa components did not check if enough randomness was returned from the user provided randomnes...
GHSA-2Q89-485C-9J2X Improper random reading in CIRCL
Impact When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did...
CVE-2023-1732
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
CVE-2023-1732
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
Design/Logic Flaw
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
CVE-2023-1732 Improper random reading in CIRCL
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
PT-2023-6901 · Circl · Circl
Name of the Vulnerable Software and Affected Versions: CIRCL versions prior to 1.3.3 Description: The issue arises from insufficient input validation and lack of measures to neutralize instructions in dynamically executed code in the crypto/rand.Read function. This could lead to a predictable...
CIRCL 安全漏洞
CIRCL is an open source collection of cryptographic primitives written in Go by Cloudflare. CIRCL has a security vulnerability that stems from the fact that the tkn20 and blindrsa components do not check whether a user-supplied random source returns sufficient randomness...