Search CVE reports
1 – 3 of 3 results
Some fixes available 1 of 5
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
1 affected package
pycryptodome
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pycryptodome | Not affected | Fixed | Ignored | Ignored |
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
1 affected package
pycryptodome
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pycryptodome | — | — | — | Not affected |
Some fixes available 5 of 6
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face...
2 affected packages
pycryptodome, python-crypto
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pycryptodome | — | — | — | Fixed |
| python-crypto | — | — | — | Fixed |