CVE-2023-50782

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions python-cryptography (affected versions not specified)

Description A flaw was found in the python-cryptography package, which may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges. This could lead to exposure of confidential or sensitive data. The issue is related to an uncontrolled consumption of resources in the RSA Key Exchange Handler component.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-208CWE-385CWE-203

Related Identifiers

ALT-PU-2024-12943

AZL-34309

AZL-35129

BDU:2024-04115

CVE-2023-50782

ECHO-96E2-B383-D2C5

GHSA-3WW4-GG4F-JR7F

MGASA-2025-0069

OESA-2025-1774

OESA-2025-1775

OESA-2025-1776

OESA-2025-1863

OESA-2025-1864

OESA-2025-1865

OPENSUSE-SU-2024:14416-1

OPENSUSE-SU-2024_3765-1

OPENSUSE-SU-2024_3766-1

OPENSUSE-SU-2024_3905-1

OPENSUSE-SU-2024_3943-1

SUSE-SU-2024:3757-1

SUSE-SU-2024:3765-1

SUSE-SU-2024:3766-1

SUSE-SU-2024:3871-1

SUSE-SU-2024:3872-1

SUSE-SU-2024:3904-1

SUSE-SU-2024:3905-1

SUSE-SU-2024:3943-1

SUSE-SU-2024_3757-1

SUSE-SU-2024_3765-1

SUSE-SU-2024_3766-1

SUSE-SU-2024_3871-1

SUSE-SU-2024_3872-1

SUSE-SU-2024_3904-1

SUSE-SU-2024_3905-1

SUSE-SU-2024_3943-1

SUSE-SU-2025:20081-1

SUSE-SU-2025:20593-1

USN-6663-1

USN-6673-1

USN-6673-2

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Red Os

Suse

Ubuntu

Python-Cryptography

CVE-2023-50782

Weakness Enumeration

Related Identifiers

Affected Products

References · 102