Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| beaker(PyPI) | 0 | 1.6.4 | N/A |
CVSS Metrics
