← back
CVE-2025-46833

Programs/P73_SimplePythonEncryption.py has weak cryptographic key

CVSS 4.6 MEDIUMEPSS 0.2%CWE-326
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 May 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may be able to decrypt the data using brute force attacks and because of this the whole application can be impacted. This issue has been patched in commit 6ce60b1. A workaround involves increasing the key size, for RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
Affected products
ShashikantSingh09 · python-progrrames

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/ShashikantSingh09/python-progrrames/commit/6ce60b1b2116a579a2e89de96d738a98f6ad4f27https://github.com/ShashikantSingh09/python-progrrames/security/advisories/GHSA-5h26-2c6g-4ch4