4 matches found
libcrux-digest (>=0.0.4 <=0.0.7-rc.1), libcrux-kem (>=0.0.2 <=0.0.2-beta.3) +7 more potentially affected by unknown CVE via libcrux-sha3 (>=0.0.2-beta.3 <=0.0.8-rc.1)
libcrux-sha3 CARGO version =0.0.2-beta.3, =0.0.4, =0.0.2, =0.0.3, =0.0.2-alpha.1, =0.0.2-alpha.3 - libcrux-psq =0.0.2-beta.3 - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 - wpa-next =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-Q29P-9PFR-J652...
GHSA-Q29P-9PFR-J652 libcrux-sha3: Incorrect output from SHAKE squeeze functions
The incremental squeeze functions in the portable SHAKE XOF API, when attempting to squeeze more than RATE 168 for SHAKE128, 136 for SHAKE256 bytes, performed an additional permutation of the state before producing the first output block, thus discarding the first block of RATE bytes of valid XOF...
libcrux-sha3: Incorrect output from SHAKE squeeze functions
The incremental squeeze functions in the portable SHAKE XOF API, when attempting to squeeze more than RATE 168 for SHAKE128, 136 for SHAKE256 bytes, performed an additional permutation of the state before producing the first output block, thus discarding the first block of RATE bytes of valid XOF...
libcrux-aesgcm (=0.0.4-pre.1), libcrux-ml-dsa (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-intrinsics (>=0.0.3 <=0.0.4-pre.1)
libcrux-intrinsics CARGO version =0.0.3, =0.0.3, =0.0.3-alpha.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2CGV-28VR-RV6J...