AVG-1441 - python-m2crypto - Arch Linux
AVG-1441 log
| Package | python-m2crypto |
| Status | Vulnerable |
| Severity | Medium |
| Type | private key recovery |
| Affected | 0.38.0-1 |
| Fixed | Unknown |
| Current | 0.38.0-1 [community] |
| Ticket | Create |
| Created | Tue Jan 12 17:15:40 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-25657 | Medium | No | Private key recovery | A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed... |