python-rsa (SUSE:Linux Enterprise Module for Public Cloud 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Public Cloud 12 package python-rsa, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2020-13757 — CVSS 7.5 (high): Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact…
CVE-2020-25658 — CVSS 7.5 (high): It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to…
CVE-2016-1494 — CVSS 5.3 (medium): The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent…
CVE-2016-9015 — CVSS 3.7 (low): Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not…