NuytsTech Security

CVE-2016-1494

by ·

The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.

Date published : 2016-01-13

http://www.securityfocus.com/bid/79829

https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff

Tags: