CVE-2017-1000246

Опубликовано: 17 нояб. 2017

Источник: ubuntu

Приоритет: negligible

CVSS2: 5

CVSS3: 5.3

Описание

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was needed
cosmic	not-affected	4.5.0+dfsg1-0ubuntu2
devel	not-affected	4.5.0+dfsg1-0ubuntu2
disco	not-affected	4.5.0+dfsg1-0ubuntu2
eoan	not-affected	4.5.0+dfsg1-0ubuntu2
esm-infra-legacy/trusty	DNE
esm-infra/bionic	needed
esm-infra/focal	not-affected	4.5.0+dfsg1-0ubuntu2
esm-infra/xenial	needed

Показывать по

Ссылки на источники

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-1000246

CVSS3: 5.3

redhat

больше 8 лет назад

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.

CVE-2017-1000246

CVSS3: 5.3

nvd

около 8 лет назад

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.

CVE-2017-1000246

CVSS3: 5.3

debian

около 8 лет назад

Python package pysaml2 version 4.4.0 and earlier reuses the initializa ...

GHSA-cq94-qf6q-mf2h

CVSS3: 5.3

github

больше 7 лет назад

Pysaml2 improperly initializes encryption vector

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2017-1000246

Описание

Пакет python-pysaml2

Ссылки на источники

Связанные уязвимости