18 matches found
ROOT-APP-PYPI-CVE-2026-34073 CVE-2026-34073 in rootio-cryptography - Patched by Root
Root has patched CVE-2026-34073 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...
Security Bulletin: IBM Edge Data Collector uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073
Summary IBM Edge Data Collector Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package designed to...
Security Bulletin: IBM Edge Data Collector uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl, cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892
Summary IBM Edge Data Collector Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892. This bulletin contains information addressing the vulnerability. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073
Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION:...
Security Bulletin: IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073
Summary IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package...
Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.
Summary IBM Maximo Application Suite uses qs-6.13.0.tgz, qs-6.14.0.tgz, pygments-2.19.2-py3-none-any.whl, and cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, which are vulnerable to CVE-2025-15284, CVE-2026-2391, CVE-2026-4539, and CVE-2026-34073. This bulletin contains information regardin...
SUSE-SU-2026:21116-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876...
Security Bulletin: z/Transaction Processing Facility is affected by a vulnerability in the cryptography package (CVE-2026-34073)
Summary The cryptography package is used by the z/TPF system as part of runtime metrics collection RTMC. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS nam...
0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6223 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)
cryptography PYPI version =0.6.1, =0.0.2, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2026-34073 Source advisory: OSV:PYSEC-2026-35...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
CVE-2026-34073 affects the Python cryptography package. Before 46.0.6, DNS name constraints were validated only against SANs in child certificates, not the peer name presented during validation, allowing a peer with a name like bar.example.com to validate against a wildcard certificate for *.exam...
Linux Distros Unpatched Vulnerability : CVE-2026-34073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only...
Fedora 44 : python-cryptography (2026-2423902e8b)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2423902e8b advisory. Update to v46.0.6 This includes a single fix for security issue: SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during...
Fedora: Security Advisory (FEDORA-2026-6c010af7be)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 43 : python-cryptography (2026-6c010af7be)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6c010af7be advisory. Update to v46.0.6 This includes a single fix for security issue: SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during...
CVE-2026-34073 vulnerabilities
Vulnerabilities for packages: ggshield, dask-kubernetes, mitmproxy, semgrep, in-toto, airflow, mycli, jupyter-base-notebook, kserve, k8s-sidecar, kubeflow-volumes-web-app, datadog-agent, py3-cassandra-medusa, kubeflow-jupyter-web-app...
acedeploy (>=2.4.119 <=2.4.342), adam-assist (>=0.3.4 <=0.3.9) +464 more potentially affected by CVE-2026-34073 via cryptography (>=46.0.0 <=46.0.5)
cryptography PYPI version =46.0.0, =2.4.119, =0.3.4, =0.5.0, =0.0.18, =0.1.0, =0.1.1.post72, =0.11.0, =1.0.6, =0.0.1, =1.1.2, =0.4.0, =0.7.0 - amazon-sagemaker-sql-execution =0.1.0 - amiibo-converter =0.2.0 - ansys-aedt-toolkits-common =0.2.0 and more Source cves: CVE-2026-34073 Source advisory:...
0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6223 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)
cryptography PYPI version =0.6.1, =0.0.2, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2026-34073 Source advisory: OSV:GHSA-M959-CC7F-WV43...