CVE-2020-25658

Опубликовано: 12 нояб. 2020

Источник: debian

EPSS Низкий

Описание

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
python-rsa	unfixed			package

Примечания

https://github.com/sybrenstuvel/python-rsa/issues/165
Presumed fix upstream in 4.7 does not address the issue:
https://github.com/sybrenstuvel/python-rsa/issues/165#issuecomment-727580521
The library doesn't intend to guard against this: https://github.com/sybrenstuvel/python-rsa/issues/165#issuecomment-1603113867

EPSS

Процентиль: 49%

0.00255

Низкий

Связанные уязвимости

CVE-2020-25658

CVSS3: 7.5

ubuntu

больше 5 лет назад

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.

CVE-2020-25658

CVSS3: 5.9

redhat

больше 5 лет назад

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.

CVE-2020-25658

CVSS3: 7.5

nvd

больше 5 лет назад

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.

SUSE-SU-2023:0648-1

suse-cvrf

около 3 лет назад

Security update for python-rsa

SUSE-SU-2022:3932-1

suse-cvrf

больше 3 лет назад

Security update for python-rsa

EPSS

Процентиль: 49%

0.00255

Низкий