First published: Mon Nov 20 2023(Updated: )
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.
An issue in `/upydev/keygen.py` in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Carglglz Upydev | =0.4.3 | |
pip/upydev | <=0.4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue in upydev v0.4.3 is CVE-2023-48051.
The severity of CVE-2023-48051 is high with a CVSS score of 7.5.
Attackers can exploit CVE-2023-48051 by decrypting sensitive information through weak encryption padding.
The vulnerable version affected by CVE-2023-48051 is upydev v0.4.3.
To fix CVE-2023-48051 in upydev v0.4.3, it is recommended to update to a patched version provided by Carglglz or pip.