redhat · CVE-2016-9243

Quick triage

Priority: low Published: 2016-11-05 00:00:00 UTC Updated: 2016-11-05 00:00:00 UTC

View at Official redhat advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

Description:

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

cvelogic Threat Intelligence