CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

Insecure AES Initialization Vector

PyPinkSign is vulnerable to the Insecure Initialization Vector. The vulnerability is due to usage of static Initialization Vector for AES encryption. This could lead to Information Disclosure...

GHSA-FXFF-WXXV-C2JC PyPinkSign uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

hometaxbot (>=0.1.1 <=0.2.2) potentially affected by CVE-2023-48056 via pypinksign (=0.5.1)

pypinksign PYPI version =0.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on pypinksign and may be impacted: - hometaxbot =0.1.1, =0.2.2 Source cves: CVE-2023-48056 Source advisory: OSV:GHSA-FXFF-WXXV-C2JC...

PyPinkSign uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

PYSEC-2023-245

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

hometaxbot (>=0.1.1 <=0.2.2) potentially affected by CVE-2023-48056 via pypinksign (=0.5.1)

pypinksign PYPI version =0.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on pypinksign and may be impacted: - hometaxbot =0.1.1, =0.2.2 Source cves: CVE-2023-48056 Source advisory: OSV:PYSEC-2023-245...

PYSEC-2023-245

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for CBC mode in AES, which can lead to disclosure of information. CVE-2023-48056 is documented across multiple sources (NVD/Red Hat/GHSA/OSV) with consistent description; no explicit remediation version is provided in the connected documents. Explo...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

PyPinkSign Security Vulnerability

PyPinkSign is a Python library for NPKI certificates from the individual developer Jung Sang-jun! A security vulnerability exists in PyPinkSign version v0.5.1, which stems from the use of non-random or static IVs for cipher block linking CBC mode in AES encryption, which could lead to information...