EulerOS 2.0 SP11 : python-cryptography (EulerOS-SA-2023-2706)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions...

CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6

CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6. A patched version of the package is available...

CVE-2023-49083

A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "loadpempkcs7certificates" or "loadderpkcs7certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service DoS for any...

SUSE-SU-2023:4921-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS7 bundle bsc1217592...

Security Bulletin: Vulnerability in cryptography may affect IBM Spectrum Sentinel Anomaly Scan Engine (CVE-2023-23931, CVE-2023-38325)

Summary Vulnerabilities in python cryptography may affect IBM Spectrum Sentinel Anomaly Scan Engine. Vulnerabilities include: Python cryptography allowing remote attacker bypass authentication and obtain access to launch further attacks on the system. Vulnerability Details CVEID:CVE-2023-23931...

SUSE CVE-2023-50782

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-cryptography (SUSE-SU-2023:4842-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4842-1 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

SUSE SLES15 Security Update : python-cryptography (SUSE-SU-2023:4844-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4844-1 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates o...

SUSE-SU-2023:4844-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS7 bundle bsc1217592...

SUSE-SU-2023:4842-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS7 bundle bsc1217592...

Medium: python-cryptography

Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of...

PT-2023-9146 · Pypi +6 · Python-Cryptography +6

Name of the Vulnerable Software and Affected Versions: python-cryptography affected versions not specified Description: A flaw was found in the python-cryptography package, which may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges. This could lead to...

CVE-2023-50782

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. Mitigation Mitigation for this issue is either not available or the...

python-cryptography Security Vulnerabilities

python-cryptography is a Python code library for cryptographic applications from the Cryptographic team. A security vulnerability exists in python-cryptography. An attacker can exploit this vulnerability to obtain sensitive information...

Ubuntu: Security Advisory (USN-6539-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6539-1 python-cryptography vulnerabilities

It was discovered that the python-cryptography Cipher.updateinto function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. CVE-2023-23931 It was...

USN-6539-1: python-cryptography vulnerabilities

It was discovered that the python-cryptography Cipher.updateinto function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. CVE-2023-23931 It was...

Security Bulletin: IBM Cinder plug-in is affected by a vulnerability in the Python cryptography-40.0.0 package [CVE-2023-38325]

Summary The Python cryptography package which provides both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests, and key derivation functions, is used by IBM Cinder plug-in. cryptography-40.0.0 package could provide weaker than...

Important: Red Hat Security Advisory: Red Hat Quay security update

An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

AZL-32051 CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...