Описание
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | code not present |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 3.6.6 |
| xenial | DNE |
Показывать по
10
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
CVSS3: 7.5
debian
больше 7 лет назад
PyCryptodome before 3.6.6 has an integer overflow in the data_len vari ...
5 Medium
CVSS2
7.5 High
CVSS3