VDB
CVE-2024-21529
CVE-2024-21529
PUBLISHED
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
EPSS 0.08% · 23.8th percentile
Risk Scores
EPSS Score
0.08%
23.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | python-cryptography | * |
Timeline
- Sep 11, 2024 CVE Published
- Sep 12, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Nov 10, 2024 EPSS Score
- Nov 30, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 10, 2025 EPSS Score
- Jan 29, 2025 EPSS Score
- Mar 10, 2025 EPSS Score
- Mar 22, 2025 Coalition ESS Score
References
- https://www.ibm.com/support/pages/node/7174802 advisory
- https://www.ibm.com/support/pages/node/7174634 advisory
- https://www.ibm.com/support/pages/node/7174639 advisory
- https://www.ibm.com/support/pages/node/7175196 advisory
- https://www.ibm.com/support/pages/node/7175086 advisory
- https://www.ibm.com/support/pages/node/7175192 advisory
- https://www.ibm.com/support/pages/node/7174799 advisory
- https://www.ibm.com/support/pages/node/7174797 advisory
- https://www.ibm.com/support/pages/node/7174945 advisory
- https://www.ibm.com/support/pages/node/7174912 advisory
- https://www.ibm.com/support/pages/node/7175166 advisory
- https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b url
- https://www.oracle.com/security-alerts/cpuapr2022.html url
- https://www.oracle.com/security-alerts/cpujul2022.html url