Is pycrypto safe to use?

pycrypto has 1 known vulnerabilities on the latest version (2.6.1). DepScope rates its health at 55/100 (high risk).

What is the latest version of pycrypto?

The latest version of pycrypto is 2.6.1, released 2014-06-20.

Does pycrypto have known vulnerabilities?

Yes. pycrypto has 1 known vulnerabilities. See depscope.dev/pkg/pypi/pycrypto for details.

Is pycrypto deprecated?

No, pycrypto is actively maintained. Latest release: 2.6.1 (2014-06-20).

What are alternatives to pycrypto?

Popular alternatives to pycrypto in PyPI include: boto3, packaging, urllib3, requests, typing-extensions.

What license does pycrypto use?

pycrypto is licensed under Public domain.

pycrypto

pypiv2.6.1

Cryptographic modules for Python.

License Public domain13 versions1 maintainers0 deps1,816,375 weekly dl

/ 100

Health

legacy but working

Still installable, but maintainers declared maintenance-mode. Unmaintained since 2014; security risk. For new projects prefer: cryptography, pycryptodome.

Update to >= 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 to fix known vulnerabilities

Moderate health score (55/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

17/20

popularity

25/25

security

9/15

maturity

2/15

community

2/15

popularity_floor

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
unknown	CVE-2013-7459	Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.	8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4

Quality signals

Publish security

API token

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/pycrypto

pycrypto

pypiv2.6.1

Cryptographic modules for Python.

License Public domain13 versions1 maintainers0 deps1,816,375 weekly dl

/ 100

Health

legacy but working

Still installable, but maintainers declared maintenance-mode. Unmaintained since 2014; security risk. For new projects prefer: cryptography, pycryptodome.

Update to >= 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 to fix known vulnerabilities

Moderate health score (55/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

17/20

popularity

25/25

security

9/15

maturity

2/15

community

2/15

popularity_floor

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
unknown	CVE-2013-7459	Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.	8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4

Quality signals

Publish security

API token

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/pycrypto