pycryptodome@3.16.0 vulnerabilities
Cryptographic library for Python
-
latest version
3.20.0
-
latest non vulnerable version
-
first published
10 years ago
-
latest version published
4 months ago
-
licenses detected
- [3.7.1,3.8.1); [3.10.1,)
Direct Vulnerabilities
Known vulnerabilities in the pycryptodome package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the OAEP decryption process, which previously had a side-channel leakage issue. This vulnerability could potentially be exploited through a Manger attack, a type of cryptographic attack. How to fix Use of a Broken or Risky Cryptographic Algorithm? Upgrade |
[,3.19.1)
|
Affected versions of this package are vulnerable to Observable Timing Discrepancy due to improper handling of OAEP decryption. An attacker can extract sensitive information by exploiting the side-channel leakage to perform a Manger attack (Marvin). How to fix Observable Timing Discrepancy? Upgrade |
[,3.19.1)
|