Lucene search
HistoryJan 05, 2024 - 4:15 a.m.
CVE-2023-52323
pycryptodome pycryptodomex manger_attack oaep_decryption side-channel_leakage cve-2023-52323
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
37.2%
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
Affected configurations
Node
pycryptodomepycryptodomeRange<3.19.1python
ORpycryptodomepycryptodomexRange<3.19.1python
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pycryptodome | pycryptodome | * | cpe:2.3:a:pycryptodome:pycryptodome:*:*:*:*:*:python:*:* |
| pycryptodome | pycryptodomex | * | cpe:2.3:a:pycryptodome:pycryptodomex:*:*:*:*:*:python:*:* |
Related
nessus
nessus
EulerOS 2.0 SP11 : python-pycryptodome (EulerOS-SA-2024-1248)
2024-03-12 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : python-pycryptodomex (SUSE-SU-2024:0557-1)
2024-02-21 00:00:00
EulerOS Virtualization 2.10.0 : python-pycryptodome (EulerOS-SA-2024-1992)
2024-07-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for python (SUSE-SU-2024:0601-1)
2024-03-04 00:00:00
redhatcve
redhatcve
CVE-2023-52323
2024-01-06 10:21:42
debiancve
debiancve
CVE-2023-52323
2024-01-05 04:15:07
wolfi
wolfi
CVE-2023-52323 vulnerabilities
2024-09-30 03:53:08
veracode
veracode
Information Leak
2024-01-08 06:30:36
osv
osv
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption
2024-01-05 06:30:19
CGA-vq89-7297-5422
2024-06-06 12:26:27
pycryptodome vulnerability
2024-01-23 13:39:22
ubuntu
ubuntu
PyCryptodome vulnerability
2024-01-23 00:00:00
cvelist
cvelist
CVE-2023-52323
2024-01-05 00:00:00
ubuntucve
ubuntucve
CVE-2023-52323
2024-01-05 00:00:00
cve
cve
CVE-2023-52323
2024-01-05 04:15:07
cgr
cgr
CVE-2023-52323 vulnerabilities
2024-05-19 03:07:16
alpinelinux
alpinelinux
CVE-2023-52323
2024-01-05 04:15:07
prion
prion
Crlf injection
2024-01-05 04:15:00
ibm
ibm
github
github
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption
2024-01-05 06:30:19
redhat
redhat
(RHSA-2024:2952) Moderate: resource-agents security and bug fix update
2024-05-22 06:35:10
(RHSA-2024:2968) Moderate: fence-agents security and bug fix update
2024-05-22 06:35:13
(RHSA-2024:2132) Moderate: fence-agents security and bug fix update
2024-04-30 06:14:50
almalinux
almalinux
Moderate: resource-agents security and bug fix update
2024-05-22 00:00:00
Moderate: fence-agents security and bug fix update
2024-05-22 00:00:00
Moderate: fence-agents security and bug fix update
2024-04-30 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-5.0-0251
2024-04-18 00:00:00
Moderate Photon OS Security Update - PHSA-2024-4.0-0595
2024-04-19 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0754
2024-04-30 00:00:00
oraclelinux
oraclelinux
fence-agents security and bug fix update
2024-05-23 00:00:00
fence-agents security and bug fix update
2024-05-02 00:00:00
rocky
rocky
fence-agents security and bug fix update
2024-06-14 13:59:30
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
37.2%
Related for NVD:CVE-2023-52323