Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2020-25659
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
| Software | From | Fixed in |
|---|---|---|
| oracle / communications_cloud_native_core_network_function_cloud_native_environment | 1.10.0 | 1.10.0.x |
cryptography
|
- | 3.2 |
| cryptography.io / cryptography | 3.2 | 3.2.x |
- https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494
- https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b
- https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
- https://pypi.org/project/cryptography/
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html