Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 15 of 15 results


CVE-2016-9243

Medium priority
Fixed

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

1 affected packages

python-cryptography

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-cryptography Fixed
Show less packages

CVE-2013-1445

Low priority
Ignored

The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to...

1 affected packages

python-crypto

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-crypto Not affected Not affected Not affected
Show less packages

CVE-2007-6755

Low priority
Ignored

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might...

10 affected packages

bouncycastle, gnutls26, gnutls28, libgcrypt11, mbedtls...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bouncycastle Not affected Not affected
gnutls26 Not in release Not in release
gnutls28 Not affected Not affected
libgcrypt11 Not in release Not in release
mbedtls Not affected Not affected
nss Not affected Not affected
openssl Not affected Not affected
openssl098 Not in release Not in release
polarssl Not in release Not in release
python-crypto Not affected Not affected
Show all 10 packages Show less packages

CVE-2012-2417

Medium priority

Some fixes available 4 of 5

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks...

1 affected packages

python-crypto

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-crypto
Show less packages

CVE-2009-0544

Medium priority
Fixed

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.

1 affected packages

python-crypto

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-crypto
Show less packages