CVE-2024-56327
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-56327 affects the `pyrage` Python library, which utilizes the Rust `age` crate for file encryption operations. The `age` library is vulnerable to the issue tracked as GHSA-4fg7-vxc8-qx5w. This vulnerability impacts specific versions of `pyrage`, and users are urged to update to version 1.2.3 to address the issue. Versions of `pyrage` prior to 1.2.0 are not affected due to the lack of plugin support. The equivalent issue was resolved in a reference Go implementation of `age`, as detailed in GHSA-32gq-x56h-299c. There are currently no known workarounds for this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.