GHSA-78P6-6878-8MJ6 SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
Summary A denial-of-service vulnerability exists in the SM2 PKE decryption path where an invalid elliptic-curve point C1 is decoded and the resulting value is unwrapped without checking. Specifically, AffinePoint::fromencodedpoint&encodedc1 may return a None/CtOption::None when the supplied...