Moderate severityNVD Advisory· Published Sep 15, 2012· Updated Jun 16, 2026
CVE-2012-3458
CVE-2012-3458
Description
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
beakerPyPI | < 1.6.4 | 1.6.4 |
Affected products
3- ghsa-coords2 versions
< 1.6.4+ 1 more
- (no CPE)range: < 1.6.4
- (no CPE)range: < 1.11.0-5.5
Patches
Vulnerability mechanics
References
11- secunia.com/advisories/50226nvdVendor Advisory
- secunia.com/advisories/50520nvdVendor Advisory
- github.com/advisories/GHSA-39vm-p9mr-4r27ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2012-3458ghsaADVISORY
- www.debian.org/security/2012/dsa-2541nvdWEB
- www.openwall.com/lists/oss-security/2012/08/13/10nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/bbangert/beaker/commit/91becae76101cf87ce8cbfabe3af2622fc328fe5nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/beaker/PYSEC-2012-1.yamlghsaWEB
- web.archive.org/web/20140724164516/http://secunia.com/advisories/50226ghsaWEB
- web.archive.org/web/20140725025612/http://secunia.com/advisories/50520ghsaWEB
News mentions
0No linked articles in our index yet.