python3.12-cryptography security update

🗓️ 10 Oct 2025 05:50:32Reported by Rockylinux Product ErrataType

Rocky Linux 9 security update fixes NULL pointer in pkcs12.serialize_key_and_certificates for mismatched certificate and key with hmac_hash (CVE-2024-26130).

Reporter	Title	Published	Views	Family All 115
IBM Security Bulletins	Security Bulletin: Vulnerability in Cryptography package affects watsonx.data	3 Sep 202420:53	–	ibm
IBM Security Bulletins	Security Bulletin: Storage Virtualize Ansible Collection is affected by a vulnerability in the Python Cryptographic Authority package	26 Jun 202406:15	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Netezza Performance Server Replication Services	27 Feb 202619:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar App SDK for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	9 Apr 202418:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-41.0.7-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-26130	1 Apr 202407:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities	16 Apr 202521:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion is vulnerable to HTTP request smuggling, denial of server due to aiohttp, cryptography.	11 May 202416:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Concert Software is vulnerable to multiple issues	15 Apr 202503:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Jinja, idna & cryptography can affect IBM Storage Protect Plus Microsoft File Systems Backup and Restore	27 Jun 202408:34	–	ibm
IBM Security Bulletins	Security Bulletin: cryptography-42.0.0-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-42.0.3-cp37-abi3-manylinux_2_28_x86_64.whl is vulnerable to CVE-2024-26130 used in IBM Maximo Application Suite - Edge Data Collector	10 Apr 202410:49	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	9	aarch64	python3.12-cryptography	0:41.0.7-2.el9_6.1	python3.12-cryptography-0:41.0.7-2.el9_6.1.aarch64.rpm
Rocky Linux	9	ppc64le	python3.12-cryptography	0:41.0.7-2.el9_6.1	python3.12-cryptography-0:41.0.7-2.el9_6.1.ppc64le.rpm
Rocky Linux	9	s390x	python3.12-cryptography	0:41.0.7-2.el9_6.1	python3.12-cryptography-0:41.0.7-2.el9_6.1.s390x.rpm
Rocky Linux	9	x86_64	python3.12-cryptography	0:41.0.7-2.el9_6.1	python3.12-cryptography-0:41.0.7-2.el9_6.1.x86_64.rpm
Rocky Linux	9	aarch64	python3.12-cryptography-debuginfo	0:41.0.7-2.el9_6.1	python3.12-cryptography-debuginfo-0:41.0.7-2.el9_6.1.aarch64.rpm
Rocky Linux	9	ppc64le	python3.12-cryptography-debuginfo	0:41.0.7-2.el9_6.1	python3.12-cryptography-debuginfo-0:41.0.7-2.el9_6.1.ppc64le.rpm
Rocky Linux	9	s390x	python3.12-cryptography-debuginfo	0:41.0.7-2.el9_6.1	python3.12-cryptography-debuginfo-0:41.0.7-2.el9_6.1.s390x.rpm
Rocky Linux	9	x86_64	python3.12-cryptography-debuginfo	0:41.0.7-2.el9_6.1	python3.12-cryptography-debuginfo-0:41.0.7-2.el9_6.1.x86_64.rpm
Rocky Linux	9	aarch64	python3.12-cryptography-debugsource	0:41.0.7-2.el9_6.1	python3.12-cryptography-debugsource-0:41.0.7-2.el9_6.1.aarch64.rpm
Rocky Linux	9	ppc64le	python3.12-cryptography-debugsource	0:41.0.7-2.el9_6.1	python3.12-cryptography-debugsource-0:41.0.7-2.el9_6.1.ppc64le.rpm

10 Oct 2025 05:50Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

EPSS0.00462

SSVC