4.9
16 years ago
2 years ago
Known vulnerabilities in the rsa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
rsa is a pure-Python RSA implementation. Affected versions of this package are vulnerable to Timing Attack via timed processing of valid How to fix Timing Attack? Upgrade | [2.0,4.7) |
rsa is a pure-Python RSA implementation. Affected versions of this package are vulnerable to Access Restriction Bypass. It does not detect How to fix Access Restriction Bypass? Upgrade | [0,4.1) |
The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a Berserk attack. | [,3.3) |
Affected versions of this package are vulnerable to Timing attacks. | [3.0,3.4.0) |
Affected versions of this package are vulnerable to Authentication Bypass due to not implementing authentication encryption or use MACs to validate messages before decrypting public key encrypted messages. | [3.0,3.4) |