It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
12 Feb 2023, 23:40
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. | |
References |
|
|
CWE | CWE-385 |
02 Feb 2023, 21:20
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-327 | |
Summary | A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality. | |
References |
|
|
01 Jan 2022, 18:18
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject fedora
Fedoraproject |
25 Sep 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Sep 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-385 | |
References |
|
Information
Published : 2020-11-12 14:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-25658
Mitre link : CVE-2020-25658
CVE.ORG link : CVE-2020-25658
JSON object : View
Products Affected
fedoraproject
- fedora
python-rsa_project
- python-rsa
redhat
- openstack_platform