It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658
Reference (s):
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
- URL: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
- FEDORA:FEDORA-2021-15e50503d6
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP/
- FEDORA:FEDORA-2021-783a157adc