Vulnerabilities > CVE-2023-52323 - Information Exposure Through Discrepancy vulnerability in Pycryptodome and Pycryptodomex

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
pycryptodome
CWE-203
NVD
Published: 2024-01-05
Updated: 2024-01-11

Summary

PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.

Vulnerable Configurations

Part Description Count
Application
Pycryptodome
98

Common Weakness Enumeration (CWE)

References