The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Python-RSA: information disclosure via Leading Nul Bytes

Synthesis of the vulnerability 

An attacker can bypass access restrictions to data via Leading Nul Bytes of Python-RSA, in order to obtain sensitive information.
Impacted software: Fedora, Ubuntu.
Severity of this computer vulnerability: 1/4.
Creation date: 14/07/2020.
Références of this announce: CVE-2020-13757, FEDORA-2020-5ed5627d2b, USN-4478-1, VIGILANCE-VUL-32800.

Description of the vulnerability 

An attacker can bypass access restrictions to data via Leading Nul Bytes of Python-RSA, in order to obtain sensitive information.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This cybersecurity vulnerability impacts software or systems such as Fedora, Ubuntu.

Our Vigil@nce team determined that the severity of this vulnerability is low.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this weakness alert.

Solutions for this threat 

Fedora 32: new python-rsa packages.
New packages are available:
  Fedora 32: python-rsa 3.4.2-15.fc32

Ubuntu 14.04: new python-rsa packages.
New packages are available:
  Ubuntu 14.04 ESM: python-rsa 3.1.2-1ubuntu0.1+esm1, python3-rsa 3.1.2-1ubuntu0.1+esm1
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computer security workaround. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.