Deprecated Cypher Affecting pycryptodome package, versions [,3.4.4)


0.0
medium

Snyk CVSS

    Attack Complexity High
    Confidentiality High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-PYTHON-PYCRYPTODOME-40784
  • published 22 Mar 2018
  • disclosed 31 Jan 2017
  • credit Unknown

Introduced: 31 Jan 2017

CVE NOT AVAILABLE CWE-327 Open this link in a new tab

How to fix?

Upgrade pycryptodome to version 3.4.4 or higher.

Overview

pycryptodome is Cryptographic library for Python.

Affected versions of the package are vulnerable to Deprecated Cypher. It contained the quick check feature of PGP block cipher mode, which was deprecated.

References