23 matches found
EulerOS Virtualization 3.0.6.0 : python-cryptography (EulerOS-SA-2024-1700)
According to the versions of the python-cryptography packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
Fedora 39 : python-cryptography (2023-51706f88e3)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-51706f88e3 advisory. Automatic update for python-cryptography-37.0.2-8.fc39. Changelog Wed Feb 22 2023 Christian Heimes - 37.0.2-8 - Fix CVE-2023-23931: Don't allow updateinto to...
EulerOS 2.0 SP8 : python-cryptography (EulerOS-SA-2024-1293)
According to the versions of the python-cryptography packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions...
CentOS 9 : python3.11-cryptography-37.0.2-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the python3.11-cryptography-37.0.2-4.el9 build changelog. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions...
Amazon Linux 2023 : python3-cryptography (ALAS2023-2023-459)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-459 advisory. cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer...
USN-6539-1: python-cryptography vulnerabilities
It was discovered that the python-cryptography Cipher.updateinto function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. CVE-2023-23931 It was...
Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2771)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
EulerOS Virtualization 2.9.0 : python-cryptography (EulerOS-SA-2023-2531)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
EulerOS Virtualization 2.9.1 : python-cryptography (EulerOS-SA-2023-2518)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
EulerOS Virtualization 2.10.1 : python-cryptography (EulerOS-SA-2023-2466)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2320)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : python-cryptography (EulerOS-SA-2023-1827)
According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions...
FreeBSD : py-cryptography -- allows programmers to misuse an API (a32ef450-9781-414b-a944-39f2f61677f2)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a32ef450-9781-414b-a944-39f2f61677f2 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developer...
Fedora 38 : python-cryptography (2023-749dd47c79)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-749dd47c79 advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
MGASA-2023-0071 Updated python-cryptography packages fix security vulnerability
Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as 'bytes' to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an...
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
Design/Logic Flaw
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...