CVE-2023-6237: Unbounded Bignum Primality Test
Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | C | β
greprules fetch cve-2023-6237-unbounded-bignum-primality-test --engine opengrep

Description
A BigNum (e.g., an RSA modulus) is tested for primality without first enforcing an upper bound on its bit length. Miller-Rabin primality testing is computationally expensive, so testing an excessively large attacker-controlled key can cause CPU exhaustion and denial of service.
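The flagged pattern and its bounded counterpart, modeled in Python as an added illustration; this is not the rule's own code or the code of any library it targets. The function names and the 16384-bit limit are assumptions chosen for the example.

```python
import random

MAX_MODULUS_BITS = 16384  # assumed policy limit, not taken from the page

class ModulusTooLarge(ValueError):
    """Raised before any expensive arithmetic is attempted."""

def miller_rabin(n, rounds=5, stats=None):
    """Miller-Rabin: every round costs a modular exponentiation sized by n."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    rng = random.Random(0)  # fixed seed keeps the example reproducible
    for _ in range(rounds):
        if stats is not None:
            stats["rounds"] += 1
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # witness found: n is composite
    return True

def is_prime_unbounded(n, stats=None):
    # Flagged pattern: a caller-supplied n of any size reaches the test.
    return miller_rabin(n, stats=stats)

def is_prime_bounded(n, stats=None):
    # Hardened pattern: an O(1) bit-length comparison runs first.
    bits = n.bit_length()
    if bits > MAX_MODULUS_BITS:
        raise ModulusTooLarge(f"{bits} bits exceeds {MAX_MODULUS_BITS}")
    return miller_rabin(n, stats=stats)

if __name__ == "__main__":
    oversized = (1 << 100_000) | 1  # constructed attacker-sized input
    stats = {"rounds": 0}
    try:
        is_prime_bounded(oversized, stats)
    except ModulusTooLarge as exc:
        print("rejected:", exc, "| rounds run:", stats["rounds"])
```

The `stats` counter shows that the bounded variant rejects the oversized value with zero Miller-Rabin rounds executed, while normally sized inputs are tested as before.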