CVE-2024-36405 | open-quantum-safe liboqs up to 0.10.0 ML-KEM 512 Secret Key timing discrepancy (GHSA-f2v9-5498-2vpp)

Inserito da Angelo Barbosa | Giu 10, 2024 | CVE

A vulnerability has been found in open-quantum-safe liboqs up to 0.10.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ML-KEM 512 Secret Key Handler. The manipulation leads to observable timing discrepancy.

This vulnerability is known as CVE-2024-36405. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36405 | open-quantum-safe liboqs up to 0.10.0 ML-KEM 512 Secret Key timing discrepancy (GHSA-f2v9-5498-2vpp)

Post correlati

CVE-2024-3504 | lunary-ai lunary up to 1.2.6 access control

CVE-2024-3666 | Opal Estate Pro Plugin up to 1.7.6 on WordPress cross site scripting

CVE-2023-49095 | nexryai nexkey prior 12.122.2 ActivityPub Request input validation

CVE-2024-33881 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 UNC Share Pathname Download.ashx path information disclosure