Buffer Overflow in pycrypto
Critical severity
GitHub Reviewed
Published
Dec 14, 2018
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Description
Published to the GitHub Advisory Database
Dec 14, 2018
Reviewed
Jun 16, 2020
Last updated
Jan 9, 2023
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
References