Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cq27-v7xp-c356

Опубликовано: 14 дек. 2018
Источник: github
Github: Прошло ревью
CVSS4: 9.3
CVSS3: 9.8

Описание

Buffer Overflow in pycrypto

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

Ссылки

Пакеты

Наименование

pycrypto

pip
Затронутые версииВерсия исправления

<= 2.6.1

Отсутствует

EPSS

Процентиль: 94%
0.14532
Средний

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2013-7459

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2013-7459

CVSS3: 9.8
ubuntu
почти 9 лет назад

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

redhat логотип

CVE-2013-7459

CVSS3: 9.8
redhat
около 10 лет назад

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

nvd логотип

CVE-2013-7459

CVSS3: 9.8
nvd
почти 9 лет назад

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

debian логотип

CVE-2013-7459

CVSS3: 9.8
debian
почти 9 лет назад

Heap-based buffer overflow in the ALGnew function in block_templace.c ...

suse-cvrf логотип

openSUSE-SU-2017:0156-1

suse-cvrf
около 9 лет назад

Security update for python-pycrypto

EPSS

Процентиль: 94%
0.14532
Средний

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2013-7459

Дефекты

CWE-119