GHSA-cgfh-jp5w-8cmx

Опубликовано: 22 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.

Ссылки

EPSS

Процентиль: 18%

0.00057

Низкий

8.1 High

CVSS3

CVE ID

CVE-2022-48566

Дефекты

CWE-362

Связанные уязвимости

CVE-2022-48566

CVSS3: 5.9

ubuntu

почти 2 года назад

An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.

CVE-2022-48566

CVSS3: 5.9

redhat

почти 2 года назад

An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.

CVE-2022-48566

CVSS3: 5.9

nvd

почти 2 года назад

An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.

CVE-2022-48566

CVSS3: 5.9

debian

почти 2 года назад

An issue was discovered in compare_digest in Lib/hmac.py in Python thr ...

BDU:2023-06654

CVSS3: 8.1

fstec

больше 2 лет назад

Уязвимость функции hmac.compare_digest библиотеки Lib/hmac.py интерпретатора языка программирования Python, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 18%

0.00057

Низкий

8.1 High

CVSS3

CVE ID

CVE-2022-48566

Дефекты

CWE-362