Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/pycrypto@2.6.1
purl pkg:pypi/pycrypto@2.6.1
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-gg52-nkc5-4ff1
Aliases:
CVE-2018-6594
GHSA-6528-wvf6-f6qg
PYSEC-2018-97
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation. There are no reported fixed by versions.
VCID-qhem-k79n-akc6
Aliases:
CVE-2013-7459
GHSA-cq27-v7xp-c356
PYSEC-2017-94
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. There are no reported fixed by versions.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-mrec-hnpq-jqdn The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process. CVE-2013-1445
GHSA-x377-f64p-hf5j
PYSEC-2013-29

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:54:42.110544+00:00 GitLab Importer Fixing VCID-mrec-hnpq-jqdn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-1445.yml 38.4.0
2026-04-16T20:50:35.371617+00:00 GitLab Importer Affected by VCID-qhem-k79n-akc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-7459.yml 38.4.0
2026-04-16T20:46:13.162100+00:00 GitLab Importer Affected by VCID-gg52-nkc5-4ff1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2018-6594.yml 38.4.0
2026-04-16T01:26:12.810344+00:00 GHSA Importer Affected by VCID-qhem-k79n-akc6 https://github.com/advisories/GHSA-cq27-v7xp-c356 38.4.0
2026-04-16T01:20:44.296850+00:00 GHSA Importer Affected by VCID-gg52-nkc5-4ff1 https://github.com/advisories/GHSA-6528-wvf6-f6qg 38.4.0
2026-04-11T23:10:00.356653+00:00 GitLab Importer Fixing VCID-mrec-hnpq-jqdn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-1445.yml 38.3.0
2026-04-11T22:01:13.952161+00:00 GitLab Importer Affected by VCID-qhem-k79n-akc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-7459.yml 38.3.0
2026-04-11T21:56:59.199698+00:00 GitLab Importer Affected by VCID-gg52-nkc5-4ff1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2018-6594.yml 38.3.0
2026-04-11T12:55:31.147426+00:00 GHSA Importer Affected by VCID-qhem-k79n-akc6 https://github.com/advisories/GHSA-cq27-v7xp-c356 38.3.0
2026-04-11T12:49:00.966001+00:00 GHSA Importer Affected by VCID-gg52-nkc5-4ff1 https://github.com/advisories/GHSA-6528-wvf6-f6qg 38.3.0
2026-04-04T14:31:46.783638+00:00 GHSA Importer Fixing VCID-mrec-hnpq-jqdn https://github.com/advisories/GHSA-x377-f64p-hf5j 38.1.0
2026-04-02T23:18:44.543953+00:00 GitLab Importer Fixing VCID-mrec-hnpq-jqdn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-1445.yml 38.1.0
2026-04-02T22:14:16.683710+00:00 GitLab Importer Affected by VCID-qhem-k79n-akc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-7459.yml 38.1.0
2026-04-02T22:10:22.819565+00:00 GitLab Importer Affected by VCID-gg52-nkc5-4ff1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2018-6594.yml 38.1.0
2026-04-02T13:48:02.022989+00:00 GHSA Importer Affected by VCID-qhem-k79n-akc6 https://github.com/advisories/GHSA-cq27-v7xp-c356 38.1.0
2026-04-02T13:43:32.004446+00:00 GHSA Importer Affected by VCID-gg52-nkc5-4ff1 https://github.com/advisories/GHSA-6528-wvf6-f6qg 38.1.0
2026-04-01T17:39:06.026304+00:00 GitLab Importer Fixing VCID-mrec-hnpq-jqdn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-1445.yml 38.0.0
2026-04-01T15:57:08.580979+00:00 GHSA Importer Affected by VCID-qhem-k79n-akc6 https://github.com/advisories/GHSA-cq27-v7xp-c356 38.0.0
2026-04-01T15:56:28.172311+00:00 GHSA Importer Affected by VCID-gg52-nkc5-4ff1 https://github.com/advisories/GHSA-6528-wvf6-f6qg 38.0.0
2026-04-01T14:58:41.572719+00:00 PyPI Importer Fixing VCID-mrec-hnpq-jqdn https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T13:09:55.069371+00:00 GithubOSV Importer Fixing VCID-mrec-hnpq-jqdn https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-x377-f64p-hf5j/GHSA-x377-f64p-hf5j.json 38.0.0
2026-04-01T12:48:11.146675+00:00 GitLab Importer Affected by VCID-qhem-k79n-akc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2013-7459.yml 38.0.0
2026-04-01T12:47:50.574103+00:00 GitLab Importer Affected by VCID-gg52-nkc5-4ff1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pycrypto/CVE-2018-6594.yml 38.0.0
2026-04-01T12:40:54.833226+00:00 Pypa Importer Fixing VCID-mrec-hnpq-jqdn https://github.com/pypa/advisory-database/blob/main/vulns/pycrypto/PYSEC-2013-29.yaml 38.0.0