Search for packages
| purl | pkg:deb/debian/python-rsa@4.8-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-f4rp-ce4j-xkd3 | Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation). |
CVE-2020-13757
GHSA-537h-rv9q-vvph PYSEC-2020-99 |
| VCID-nqxh-d5pz-tuc1 | The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack. |
CVE-2016-1494
GHSA-8rjr-6qq5-pj9p PYSEC-2016-10 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-01T23:20:15.563204+00:00 | Debian Importer | Fixing | VCID-nqxh-d5pz-tuc1 | https://security-tracker.debian.org/tracker/data/json | 38.6.0 |
| 2026-04-28T13:52:21.644416+00:00 | Debian Importer | Fixing | VCID-f4rp-ce4j-xkd3 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:19:45.477228+00:00 | Debian Importer | Fixing | VCID-nqxh-d5pz-tuc1 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-11T18:13:58.345106+00:00 | Debian Importer | Fixing | VCID-nqxh-d5pz-tuc1 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:53.498625+00:00 | Debian Importer | Fixing | VCID-f4rp-ce4j-xkd3 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:53.451224+00:00 | Debian Importer | Fixing | VCID-nqxh-d5pz-tuc1 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |