It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2150 advisory.
– It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. (CVE-2020-25658)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More