AVG-2040 log

Package python-websockets
Status Fixed
Severity Medium
Type private key recovery
Affected 9.0.1-3
Fixed 9.1-1
Current 9.1-1 [community]
Ticket None
Created Sun Jun 6 16:40:43 2021
Issue Severity Remote Type Description
CVE-2021-33880 Medium Yes Private key recovery
The aaugustin websockets library before 9.1 for Python has an observable timing discrepancy on servers when HTTP Basic Authentication is enabled with...
Date Advisory Package Type
09 Jun 2021 ASA-202106-26 python-websockets private key recovery