suse · CVE-2013-7459

Quick triage

Priority: medium Published: 2021-05-30 13:17:10 UTC Updated: 2026-04-18 18:47:18 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2013-7459 severity moderate: SUSE including 240 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 268 product×package rows across 32 product lines (Container caasp/v4/salt-api, Container caasp/v4/salt-master, … (32 product lines)): Known Affected 231, Fixed 37.

Description:

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

cvelogic Threat Intelligence