Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
6 Aug 2022
5 Aug 2022
Introduced: 5 Aug 2022CVE-2020-25657 Open this link in a new tab
How to fix?
python3-M2Crypto to version 0.38.0-150400.3.6.1 or higher.
Note: Versions mentioned in the description apply to the upstream
How to fix? for
SLES:15.4 relevant versions.
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.