CVE-2023-50781

Observable Timing Discrepancy in pypi/m2crypto

Identifiers

GHSA-944j-8ch6-rf6x, CVE-2023-50781

Package Slug

pypi/m2crypto

Vulnerability

Observable Timing Discrepancy

Description

A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

Affected Versions

All versions up to 0.40.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2024-02-06

source