AVG-2040 log
| Package | python-websockets |
| Status | Fixed |
| Severity | Medium |
| Type | private key recovery |
| Affected | 9.0.1-3 |
| Fixed | 9.1-1 |
| Current | 15.0.1-1 [extra] |
| Ticket | None |
| Created | Sun Jun 6 16:40:43 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-33880 | Medium | Yes | Private key recovery | The aaugustin websockets library before 9.1 for Python has an observable timing discrepancy on servers when HTTP Basic Authentication is enabled with... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 09 Jun 2021 | ASA-202106-26 | python-websockets | private key recovery |