High severity vulnerability that affects pycryptodome

2018-08-27T19:52:28
ID GHSA-HGG3-G7GR-66R7
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:03

Description

PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.