CVE-2025-4894 – Calmkart Django-sso-server RSA Key Encryption Weakness

May 18, 2025

CVE ID : CVE-2025-4894

Published : May 18, 2025, 8:15 p.m. | 4 hours, 9 minutes ago

Description : A vulnerability classified as problematic was found in calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15. This vulnerability affects the function gen_rsa_keys of the file common/crypto.py. The manipulation leads to inadequate encryption strength. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4893 – Jammy928 CoinExchange CryptoExchange Java File Upload Path Traversal Vulnerability

Next Article CVE-2025-4891 – Apache Code-projects Police Station Management System Buffer Overflow Vulnerability

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-4894 – Calmkart Django-sso-server RSA Key Encryption Weakness

CVE-2025-5372 – OpenSSL SSH Key Derivation Buffer Initialization Vulnerability

CVE-2025-6944 – Uncode Core WordPress Stored Cross-Site Scripting

CVE-2023-7303 – Q2Apro Q2Apro-On-Site-Notifications Cross Site Scripting Vulnerability

CVE-2025-49865 – Helmut Wandl Advanced Settings CSRF Vulnerability

I finally built my first keyboard from scratch — thanks to Razer actually offering everything you need for the first time

CVE-2025-49435 – Hasina77 Wp Easy Allopass CSRF Vulnerability

CVE-2025-5223 – CVE-2022-36462: Apache HTTP Server Remote Code Execution

CVE-2025-49130 – Laravel Translation Manager Stored Cross-Site Scripting Vulnerability

CVE-2025-4709 – Campcodes Sales and Inventory System SQL Injection

Ubisoft’s delay of Assassin’s Creed Shadows worked out so well, the company is pushing back some of its biggest hitters — potentially as far as March 2028

CVE-2025-4894 – Calmkart Django-sso-server RSA Key Encryption Weakness

Related Posts