CVE-2016-9243
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
7.5CVSS
7.2AI Score
0.006EPSS