CVE-2013-1445 Medium Severity Vulnerability detected by WhiteSource #30
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2013-1445 - Medium Severity Vulnerability
Cryptographic modules for Python.
path: /example-python/requirements.txt
Library home page: https://pypi.python.org/packages/45/2f/e203759a099d002ef3b96f1e497d6d1b8ab56df695af8808f88bb7eff18b/pycrypto-2.4.tar.gz
Dependency Hierarchy:
The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.
Publish Date: 2013-10-26
URL: CVE-2013-1445
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-1445
Release Date: 2013-10-26
Fix Resolution: 2.6.1
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: