VYPR
Critical severityNVD Advisory· Published Oct 21, 2022· Updated May 8, 2025

CVE-2022-37454

CVE-2022-37454

Description

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pysha3PyPI
<= 1.0.2
sha3RubyGems
< 1.0.51.0.5

Affected products

196

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.