Site icon API Security Blog

Medium: python-rsa

**Issue Overview:**

A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality. (CVE-2020-25658)

**Affected Packages:**

python-rsa

**Issue Correction:**
Run _yum update python-rsa_ to update your system.

**New Packages:**

noarch:
    python2-rsa-3.4.1-1.amzn2.0.4.noarch
    python3-rsa-3.4.1-1.amzn2.0.4.noarch

src:
    python-rsa-3.4.1-1.amzn2.0.4.src

### Additional References

Red Hat: [CVE-2020-25658]()

Mitre: [CVE-2020-25658]()Read More

Exit mobile version