Juniper Junos OS Vulnerability (JSA11245)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11245 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext. CVE-2020-25659 Note...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python cryptography

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python cryptography, an open source software. The vulnerability is difficult to expolit since it is an internal component protected from direct access. Vulnerability Details CVEID: CVE-2020-36242 DESCRIPTION:...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2428)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : python-cryptography (EulerOS-SA-2021-2428)

According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digestsize.CVE-2016-9243 Note...

python-cryptography: Bleichenbacher timing oracle attack against RSA decryption

A flaw was found in python-cryptography, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2278)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2278)

According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could...

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2252)

According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2178)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.0 : python-cryptography (EulerOS-SA-2021-2208)

According to the version of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : python-cryptography (EulerOS-SA-2021-2178)

According to the version of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB...

SUSE: Security Advisory (SUSE-SU-2020:3592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3392-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0594-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0400

An update of 'python-cryptography' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2021-0400

Updates of 'python-cryptography' packages of Photon OS have been released...

python-cryptography: Bleichenbacher timing oracle attack against RSA decryption

A flaw was found in python-cryptography, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...

python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow

A buffer-overflow flaw was found in the python-cryptography package. In certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw...