PT-2024-27463 · Unknown +1 · Oqs-Provider +1

Name of the Vulnerable Software and Affected Versions: oqs-provider versions prior to 0.6.1 Description: The issue arises from the way oqs-provider handles lengths decoded with DECODE UINT32 at the start of serialized hybrid keys and signatures. Unchecked length values are later used for memory...