CVE-2018-15560 in Python and Pycryptodome Products
Published on August 20, 2018
PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to the AESNI_encrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.
Products Associated with CVE-2018-15560
stack.watch emails you whenever new vulnerabilities are published in Python Pycryptodome or Pycryptodome. Just hit a watch button to start following.
Exploit Probability
EPSS
0.33%
Percentile
55.25%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.