Search for packages
| purl | pkg:ebuild/dev-python/pycrypto@2.6.1-r2 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gg52-nkc5-4ff1
Aliases: CVE-2018-6594 GHSA-6528-wvf6-f6qg PYSEC-2018-97 |
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-qhem-k79n-akc6 | Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. |
CVE-2013-7459
GHSA-cq27-v7xp-c356 PYSEC-2017-94 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:11:57.654025+00:00 | Gentoo Importer | Affected by | VCID-gg52-nkc5-4ff1 | https://security.gentoo.org/glsa/202007-62 | 38.0.0 |
| 2026-04-01T13:01:47.398295+00:00 | Gentoo Importer | Fixing | VCID-qhem-k79n-akc6 | https://security.gentoo.org/glsa/201702-14 | 38.0.0 |