CVE-2012-2417 Medium Severity Vulnerability detected by WhiteSource #29

mend-bolt-for-github · 2019-03-25T06:47:58Z

CVE-2012-2417 - Medium Severity Vulnerability

Vulnerable Library - pycrypto-2.4.tar.gz

Cryptographic modules for Python.

path: /example-python/requirements.txt

Library home page: https://pypi.python.org/packages/45/2f/e203759a099d002ef3b96f1e497d6d1b8ab56df695af8808f88bb7eff18b/pycrypto-2.4.tar.gz

Dependency Hierarchy:

❌ pycrypto-2.4.tar.gz (Vulnerable Library)

Vulnerability Details

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.

Publish Date: 2012-06-17

URL: CVE-2012-2417

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-2417

Release Date: 2012-06-17

Fix Resolution: 2.6

Step up your Open Source Security Game with WhiteSource here

mend-bolt-for-github bot added the security vulnerability Security vulnerability detected by WhiteSource label Mar 25, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2012-2417 Medium Severity Vulnerability detected by WhiteSource #29

CVE-2012-2417 Medium Severity Vulnerability detected by WhiteSource #29

mend-bolt-for-github bot commented Mar 25, 2019

CVE-2012-2417 Medium Severity Vulnerability detected by WhiteSource #29

CVE-2012-2417 Medium Severity Vulnerability detected by WhiteSource #29

Comments

mend-bolt-for-github bot commented Mar 25, 2019

CVE-2012-2417 - Medium Severity Vulnerability