SUSE CVE-2013-1445

The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator PRNG before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a...

SUSE CVE-2013-7459

Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py...

Beaker Sensitive Information Disclosure vulnerability

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

fuel-pdsh (>=1.0.0.dev19 <=1.0.0.dev21), gittle3 (=0.6.0) +1 more potentially affected by CVE-2013-1445 via pycrypto (>=2.4.1 <=2.6.0)

pycrypto PYPI version =2.4.1, =1.0.0.dev19, =1.0.0.dev21 - gittle3 =0.6.0 - wipdevice =0.0.4 Source cves: CVE-2013-1445 Source advisory: OSV:GHSA-X377-F64P-HF5J...

PyCrypto does not properly reseed PRNG before allowing access

The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator PRNG before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a...

GHSA-X377-F64P-HF5J PyCrypto does not properly reseed PRNG before allowing access

The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator PRNG before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a...

PyCrypto makes Use of Insufficiently Random Values

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key...

GHSA-V367-P58W-98H5 PyCrypto makes Use of Insufficiently Random Values

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key...

fuel-pdsh (>=1.0.0.dev19 <=1.0.0.dev21) potentially affected by CVE-2012-2417 via pycrypto (=2.4.1)

pycrypto PYPI version =2.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on pycrypto and may be impacted: - fuel-pdsh =1.0.0.dev19, =1.0.0.dev21 Source cves: CVE-2012-2417 Source advisory: OSV:GHSA-V367-P58W-98H5...

Beaker Sensitive Information Disclosure vulnerability

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

Mageia: Security Advisory (MGASA-2013-0319)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0032)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0171)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : python-beaker (EulerOS-SA-2021-2608)

According to the versions of the python-beaker package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain...

EulerOS Virtualization 3.0.2.2 : python-crypto (EulerOS-SA-2021-2160)

According to the version of the python-crypto package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-crypto (EulerOS-SA-2021-2118)

According to the version of the python-crypto package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows...

SUSE: Security Advisory (SUSE-SU-2017:1744-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2350-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : python-crypto (EulerOS-SA-2021-1836)

According to the version of the python-crypto package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive...

EulerOS Virtualization 3.0.6.6 : python-crypto (EulerOS-SA-2021-1513)

According to the version of the python-crypto package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to...