Описание
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
Ссылки
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.1 (включая) до 4.7 (исключая)
cpe:2.3:a:python-rsa_project:python-rsa:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:16.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00233
Низкий
7.5 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-385
CWE-327
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 5 лет назад
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
CVSS3: 5.9
redhat
около 5 лет назад
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
CVSS3: 7.5
debian
около 5 лет назад
It was found that python-rsa is vulnerable to Bleichenbacher timing at ...
EPSS
Процентиль: 46%
0.00233
Низкий
7.5 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-385
CWE-327