CVE-2018-15560

Question

CVE-2018-15560

gcobr opened this issue 3 years ago · 0 comments

Version 0.6.1 of this library has a dependency on pycryptodome (from 3.3.1 to 3.4.0).

Versions of pycryptodome under 3.6.6 are associated with CVE-2018-15560.

Version 0.6.1 seems to have been the last one ever released; therefore, using this library will bring the CVE into any other project that includes it.