{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34762?format=json","vulnerability_id":"VCID-m9eb-j1h4-w3g2","summary":"PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.","aliases":[{"alias":"CVE-2012-2417"},{"alias":"PYSEC-2012-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7312?format=json","purl":"pkg:pypi/pycrypto@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7301?format=json","purl":"pkg:pypi/pycrypto@1.9a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a2"},{"url":"http://public2.vulnerablecode.io/api/packages/7302?format=json","purl":"pkg:pypi/pycrypto@1.9a5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a5"},{"url":"http://public2.vulnerablecode.io/api/packages/7303?format=json","purl":"pkg:pypi/pycrypto@1.9a6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a6"},{"url":"http://public2.vulnerablecode.io/api/packages/7304?format=json","purl":"pkg:pypi/pycrypto@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7305?format=json","purl":"pkg:pypi/pycrypto@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7306?format=json","purl":"pkg:pypi/pycrypto@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7307?format=json","purl":"pkg:pypi/pycrypto@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7308?format=json","purl":"pkg:pypi/pycrypto@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7309?format=json","purl":"pkg:pypi/pycrypto@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7310?format=json","purl":"pkg:pypi/pycrypto@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7311?format=json","purl":"pkg:pypi/pycrypto@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.5"}],"references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081713.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081713.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081759.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081759.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081789.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081789.html"},{"reference_url":"https://bugs.launchpad.net/pycrypto/+bug/985164","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/pycrypto/+bug/985164"},{"reference_url":"http://secunia.com/advisories/49263","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/49263"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/75871","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/75871"},{"reference_url":"https://github.com/dlitz/pycrypto/blob/373ea760f21701b162e8c4912a66928ee30d401a/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dlitz/pycrypto/blob/373ea760f21701b162e8c4912a66928ee30d401a/ChangeLog"},{"reference_url":"https://github.com/Legrandin/pycrypto/commit/9f912f13df99ad3421eff360d6a62d7dbec755c2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Legrandin/pycrypto/commit/9f912f13df99ad3421eff360d6a62d7dbec755c2"},{"reference_url":"https://hermes.opensuse.org/messages/15083589","reference_id":"","reference_type":"","scores":[],"url":"https://hermes.opensuse.org/messages/15083589"},{"reference_url":"http://www.debian.org/security/2012/dsa-2502","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2502"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:117","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:117"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/05/25/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/05/25/1"},{"reference_url":"http://www.osvdb.org/82279","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/82279"},{"reference_url":"http://www.securityfocus.com/bid/53687","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/53687"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m9eb-j1h4-w3g2"}