CVE-2018-6594
- EPSS 0.74%
- Published 03.02.2018 15:29:00
- Last modified 21.11.2024 04:10:57
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only ...
CVE-2013-7459
- EPSS 13.43%
- Published 15.02.2017 15:59:00
- Last modified 20.04.2025 01:37:25
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
CVE-2013-1445
- EPSS 0.42%
- Published 26.10.2013 17:55:03
- Last modified 11.04.2025 00:51:21
The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive info...
CVE-2012-2417
- EPSS 4.09%
- Published 17.06.2012 03:41:40
- Last modified 11.04.2025 00:51:21
PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the privat...