VYPR
Moderate severityNVD Advisory· Published Jun 17, 2012· Updated Jun 16, 2026

CVE-2012-2417

CVE-2012-2417

Description

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
PyCryptoPyPI
< 2.62.6

Affected products

22
  • Dlitz/Pycrypto21 versions
    cpe:2.3:a:dlitz:pycrypto:*:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:dlitz:pycrypto:*:*:*:*:*:*:*:*range: <=2.5
    • cpe:2.3:a:dlitz:pycrypto:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.1:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha4:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha5:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:1.9:alpha6:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.1.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.1.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:dlitz:pycrypto:2.4.1:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 2.6

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.