CVE-2023-50782

Python Cryptography package vulnerable to Bleichenbacher timing oracle attack

Description

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

Python

Publish Date

February 5, 2024

Modified Date

October 22, 2024

Score Vector

Affected Versions