EUVD-2023-0073

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-46894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm. CVE-2023-46894 Note that Nessus relies on...

SUSE CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

Weak Cryptography

esptool is vulnerable to weak cryptography. The vulnerability is due to the libraries usage of the AES ECB algorithm, which could allow an attacker to access sensitive information in system...

CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

GHSA-3F38-96QM-R3FW esptool allows attackers to view sensitive information via weak cryptographic algorithm

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

esp-flasher (>=1.1.1 <=1.1.2), esphome (>=1.12.0 <=2023.12.9) +15 more potentially affected by CVE-2023-46894 via esptool (>=2.6.0 <=4.6.2)

esptool PYPI version =2.6.0, =1.1.1, =1.12.0, =1.1.0, =0.1.0, =0.1.0, =1.0.106, =1.19.0, =1.20.3, =0.2.0, =0.1.1.dev1, =0.6.0, =0.1.0, =0.24.0, =1.0.3, =1.0.1, =1.0.180 and more Source cves: CVE-2023-46894 Source advisory: OSV:GHSA-3F38-96QM-R3FW...

esptool allows attackers to view sensitive information via weak cryptographic algorithm

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

PYSEC-2023-234

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

UBUNTU-CVE-2023-46894

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

esp-flasher (>=1.1.1 <=1.1.2), esphome (>=1.16.0b1 <=2022.11.5) +3 more potentially affected by CVE-2023-46894 via esptool (>=3.0.0 <=3.3.3)

esptool PYPI version =3.0.0, =1.1.1, =1.16.0b1, =1.0.106, =0.6.0, =0.1.0, =0.9.0 Source cves: CVE-2023-46894 Source advisory: OSV:PYSEC-2023-234...

esphome (>=1.14.0 <=1.14.3), esphomeflasher (=1.1.0) potentially affected by CVE-2023-46894 via esptool (>=2.6.0 <=2.7.0)

esptool PYPI version =2.6.0, =1.14.0, =1.14.3 - esphomeflasher =1.1.0 Source cves: CVE-2023-46894 Source advisory: OSV:PYSEC-2023-234...

PYSEC-2023-234

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

esphome (>=2025.8.0 <=2026.2.4) potentially affected by CVE-2023-46894 via esptool (>=5.0.2 <=5.1.0)

esptool PYPI version =5.0.2, =2025.8.0, =2026.2.4 Source cves: CVE-2023-46894 Source advisory: OSV:PYSEC-2023-234...

Information disclosure

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

Espressif Systems esptool Security Vulnerability

Espressif Systems esptool is a Python-based, open-source, platform-independent utility program from Espressif Systems that communicates with the ROM bootloader in the Espressif chip. A security vulnerability exists in Espressif Systems esptool version 4.6.2. An attacker could exploit this...