VYPR
High severityNVD Advisory· Published Jun 1, 2020· Updated Aug 4, 2024

CVE-2020-13757

CVE-2020-13757

Description

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
rsaPyPI
< 4.14.1

Affected products

26

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.