7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
49.3%
A vulnerability, which was classified as problematic, has been found in
cocagne pysrp up to 1.0.16. This issue affects the function calculate_x of
the file srp/_ctsrp.py. The manipulation leads to information exposure
through discrepancy. Upgrading to version 1.0.17 is able to address this
issue. The name of the patch is dba52642f5e95d3da7af1780561213ee6053195f.
It is recommended to upgrade the affected component. The associated
identifier of this vulnerability is VDB-216875.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | python-srp | < any | UNKNOWN |
ubuntu | 20.04 | noarch | python-srp | < any | UNKNOWN |
ubuntu | 22.04 | noarch | python-srp | < any | UNKNOWN |
ubuntu | 23.10 | noarch | python-srp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | python-srp | < any | UNKNOWN |
ubuntu | 16.04 | noarch | python-srp | < any | UNKNOWN |