exploitDog

CVE-2021-37588

Опубликовано: 30 июл. 2021

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.

Ссылки

https://eprint.iacr.org/2020/460
Third Party Advisory
https://github.com/JHUISI/charm/blob/dev/charm/schemes/abenc/abenc_yct14.py
Third Party Advisory
https://github.com/JHUISI/charm/issues/276
Issue Tracking
Third Party Advisory
https://www2.hci.uni-hannover.de/papers/Tan2019.pdf
Technical Description
Third Party Advisory
https://eprint.iacr.org/2020/460
Third Party Advisory
https://github.com/JHUISI/charm/blob/dev/charm/schemes/abenc/abenc_yct14.py
Third Party Advisory
https://github.com/JHUISI/charm/issues/276
Issue Tracking
Third Party Advisory
https://www2.hci.uni-hannover.de/papers/Tan2019.pdf
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jhu:charm:0.43:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.0027

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-327

Связанные уязвимости

GHSA-3w5v-ccpq-xw6c

CVSS3: 5.9

github

больше 3 лет назад

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.

EPSS

Процентиль: 50%

0.0027

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-327