CVE-2026-23966 sm-crypto Affected by Private Key Recovery in SM2-PKE

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decryption interface multiple times, an attacker can...

sm-crypto Affected by Private Key Recovery in SM2-PKE

Summary A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto. By interacting with the SM2 decryption interface multiple times, an attacker can fully recover the private key within approximately several hundred interactions. Credit This vulnerability was discovered...

python-cryptography: Bleichenbacher timing oracle attack against RSA decryption

A flaw was found in python-cryptography, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...

python-rsa: bleichenbacher timing oracle attack against RSA decryption

A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...

DEBIAN-CVE-2020-25658

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA...

PYSEC-2020-100

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA...

PT-2020-6703 · Pypi +8 · Python-Cryptography +8

Name of the Vulnerable Software and Affected Versions: python-cryptography versions 3.2 Description: The issue is related to errors in RSA key management in the python-cryptography package for the Python programming language. It may allow a remote attacker to gain unauthorized access to protected...