Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Python\-Rsa
(Python\-Rsa_project)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-01 | CVE-2020-13757 | Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation). | Ubuntu_linux, Fedora, Python\-Rsa | 7.5 | ||
2020-11-12 | CVE-2020-25658 | It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. | Fedora, Python\-Rsa, Openstack_platform | 5.9 |