CVE-2023-52323

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52323
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52323.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52323
Aliases
Downstream
Related
Published
2024-01-05T04:15:07.763Z
Modified
2026-04-12T08:24:44.098192Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.

References

Affected packages

Git / github.com/legrandin/pycryptodome

Affected ranges

Type
GIT
Repo
https://github.com/legrandin/pycryptodome
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
ed0c1ec63eb22dbe33b637bed381370a50e892bb
Database specific 
{
    "source": "CPE_FIELD",
    "cpe": [
        "cpe:2.3:a:pycryptodome:pycryptodome:*:*:*:*:*:python:*:*",
        "cpe:2.3:a:pycryptodome:pycryptodomex:*:*:*:*:*:python:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.19.1"
        }
    ]
}

Affected versions

v3.*
v3.0
v3.0rc1
v3.0rc2
v3.0rc3
v3.1
v3.10.0
v3.10.1
v3.10.4
v3.11.0
v3.12.0
v3.13.0
v3.14.0
v3.14.1
v3.15.0
v3.16.0
v3.17.0
v3.18.0
v3.19.0
v3.19.1
v3.2
v3.2.1
v3.3
v3.3.1
v3.4
v3.4.1
v3.4.10
v3.4.11
v3.4.12
v3.4.2
v3.4.3
v3.4.4
v3.4.5
v3.4.6
v3.4.8
v3.4.9
v3.5.1
v3.6.0
v3.6.1
v3.6.2
v3.6.3
v3.6.4
v3.6.5
v3.6.6
v3.7.0
v3.7.1
v3.7.2
v3.7.3
v3.8.0
v3.8.1
v3.8.2
v3.9.0
v3.9.1
v3.9.2
v3.9.3
v3.9.4
v3.9.5
v3.9.6
v3.9.7
v3.9.8
v3.9.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52323.json"