{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34823?format=json","vulnerability_id":"VCID-2t7d-kvmj-57c8","summary":"The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.","aliases":[{"alias":"CVE-2013-1445"},{"alias":"PYSEC-2013-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7701?format=json","purl":"pkg:pypi/pycrypto@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-af5m-veyp-cugm"},{"vulnerability":"VCID-stxq-tcuq-aud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7301?format=json","purl":"pkg:pypi/pycrypto@1.9a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a2"},{"url":"http://public2.vulnerablecode.io/api/packages/7302?format=json","purl":"pkg:pypi/pycrypto@1.9a5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a5"},{"url":"http://public2.vulnerablecode.io/api/packages/7303?format=json","purl":"pkg:pypi/pycrypto@1.9a6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@1.9a6"},{"url":"http://public2.vulnerablecode.io/api/packages/7304?format=json","purl":"pkg:pypi/pycrypto@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7305?format=json","purl":"pkg:pypi/pycrypto@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7306?format=json","purl":"pkg:pypi/pycrypto@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7307?format=json","purl":"pkg:pypi/pycrypto@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7308?format=json","purl":"pkg:pypi/pycrypto@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7309?format=json","purl":"pkg:pypi/pycrypto@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7310?format=json","purl":"pkg:pypi/pycrypto@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7311?format=json","purl":"pkg:pypi/pycrypto@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"},{"vulnerability":"VCID-m9eb-j1h4-w3g2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7312?format=json","purl":"pkg:pypi/pycrypto@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t7d-kvmj-57c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6"}],"references":[{"reference_url":"https://github.com/dlitz/pycrypto/commit/19dcf7b15d61b7dc1a125a367151de40df6ef175","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dlitz/pycrypto/commit/19dcf7b15d61b7dc1a125a367151de40df6ef175"},{"reference_url":"http://www.debian.org/security/2013/dsa-2781","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2781"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/10/17/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/10/17/3"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2t7d-kvmj-57c8"}