Lucene search
K
DlitzPycrypto

4 matches found

CVE
CVE
added 2018/02/03 3:0 a.m.238 views

CVE-2018-6594

CVE-2018-6594 affects PyCrypto before or up to 2.6.1 due to weak ElGamal key parameter generation in lib/Crypto/PublicKey/ElGamal.py. This flaw breaks semantic security: under ciphertext-only attack an adversary could obtain plaintext information from ciphertext, as the Decisional Diffie-Hellman ...

7.5CVSS7.2AI score0.0211EPSS
CVE
CVE
added 2017/02/15 3:0 p.m.221 views

CVE-2013-7459

CVE-2013-7459 is a heap-based buffer overflow in the ALGnew function of block_templace.c in Python Cryptography Toolkit (pycrypto). An attacker could trigger arbitrary code execution by supplying a crafted iv to cryptmsg.py. IBM and Amazon Linux advisories corroborate the vulnerability in pycrypt...

9.8CVSS9.7AI score0.09501EPSS
CVE
CVE
added 2012/06/17 1:0 a.m.95 views

CVE-2012-2417

CVE-2012-2417 : PyCrypto before 2.6 generates ElGamal keys using inappropriate prime numbers, reducing the signature/public key space and enabling brute-force attacks to derive the private key. Connected sources confirm the issue affects PyCrypto ElGamal key generation and that fixed versions exi...

4.3CVSS6.1AI score0.02727EPSS
CVE
CVE
added 2013/10/26 5:0 p.m.88 views

CVE-2013-1445

CVE-2013-1445 affects PyCrypto’s Crypto.Random.atfork PRNG reseeding: a race condition allows a child process to access the PRNG within the same rate-limit period, potentially exposing sensitive information. Root cause is inadequate reseeding before forking in PyCrypto before 2.6.1. Affected: PyC...

4.3CVSS5.7AI score0.02007EPSS