Описание
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cryptography.io:cryptography:3.2:*:*:*:*:python:*:*
Конфигурация 2
cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00252
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-385
NVD-CWE-Other
Связанные уязвимости
CVSS3: 5.9
ubuntu
больше 4 лет назад
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
CVSS3: 5.9
redhat
больше 4 лет назад
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
CVSS3: 5.9
debian
больше 4 лет назад
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks ...
EPSS
Процентиль: 49%
0.00252
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-385
NVD-CWE-Other