← Back

Python Rsa

python-rsa

Vendor: Python Rsa Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-25658
3Fedoraproject
Python Rsa ProjectRedhat
3Fedora
Openstack PlatformPython Rsa
Nov 21, 2024
Nov 12, 2020
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
CVE-2020-13757
3Canonical
FedoraprojectPython Rsa Project
3Fedora
Python RsaUbuntu Linux
Nov 21, 2024
Jun 1, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if t...Show more
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).Show less