CVE-2020-25659

Summary

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.

Affected Software

VendorProductVersion RangeStatus
n/apython-cryptographypython-cryptography 3.2affected

Weaknesses

  • CWE-385: CWE-385

ADP Enrichment

CVE Program Container

Additional References

References