CVE-2020-25657 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Private key recovery
Description	A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1441	python-m2crypto	0.38.0-3		Medium	Vulnerable

References
https://gitlab.com/m2crypto/m2crypto/-/issues/285 https://gitlab.com/m2crypto/m2crypto/-/issues/282