CVE-2020-13757

Python-RSA before 4.1 ignores leading '' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).
Configurations

Configuration 1

cpe:2.3:a:python-rsa_project:python-rsa:4.0:*:*:*:*:*:*:*

Information

Published : 2020-06-01 07:15

Updated : 2020-09-02 04:15


NVD link : CVE-2020-13757

Mitre link : CVE-2020-13757

Products Affected
No products.
CWE