← voltar
CVE-2025-46833

Programs/P73_SimplePythonEncryption.py has weak cryptographic key

CVSS 4.6 MEDIUMEPSS 0.2%CWE-326
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
08 mai 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may be able to decrypt the data using brute force attacks and because of this the whole application can be impacted. This issue has been patched in commit 6ce60b1. A workaround involves increasing the key size, for RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
Produtos afetados
ShashikantSingh09 · python-progrrames

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/ShashikantSingh09/python-progrrames/commit/6ce60b1b2116a579a2e89de96d738a98f6ad4f27https://github.com/ShashikantSingh09/python-progrrames/security/advisories/GHSA-5h26-2c6g-4ch4