CVE-2023-52323

Name
CVE-2023-52323
Description
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst
cve@mitre.org https://pypi.org/project/pycryptodomex/#history

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:pycryptodome:pycryptodome:*:*:*:*:*:python:*:* py3-pycryptodome >= None < 3.19.1
cpe:2.3:a:pycryptodome:pycryptodomex:*:*:*:*:*:python:*:* py3-pycryptodomex >= None < 3.19.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
py3-pycryptodome 3.19-community 3.19.0-r0 Kevin Daudt <kdaudt@alpinelinux.org> possibly vulnerable