593 matches found
CVE-2020-36242
A buffer-overflow flaw was found in the python-cryptography package. In certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw...
DEBIAN-CVE-2020-36242
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...
CVE-2020-36242
The CVE refers to the Python cryptography package prior to 3.3.2. The issue arises from certain sequences of update() calls when symmetrically encrypting very large (multi-GB) payloads, which can trigger an integer overflow and buffer overflow, as demonstrated by the Fernet class. This affects cr...
python-cryptography input validation error vulnerability
python-cryptography is a Python code library for cryptographic applications from the Cryptographic team. An input validation error vulnerability exists in the python-cryptography package before 3.3.2 for Python, which originates from an integer overflow and a buffer overflow...
CVE-2020-25659 affecting package python-cryptography 2.3.1-4
CVE-2020-25659 affecting package python-cryptography 2.3.1-4. A patched version of the package is available...
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API via timed processing of valid PKCS#1 v1.5 ciphertext.
...
CVE-2020-25659
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
ALPINE-CVE-2020-25659
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
PYSEC-2021-62
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
CVE-2020-25659
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
CVE-2020-25659
CVE-2020-25659 affects python-cryptography 3.2, with a Bleichenbacher timing attack against the RSA decryption API (processing of valid PKCS#1 v1.5 ciphertext). Multiple connected advisories confirm the same issue and point to updated/ patched releases (e.g., python-cryptography 3.2.1 in AlmaLinu...
SUSE SLES12 Security Update : python-cryptography (SUSE-SU-2020:3629-1)
This update for python-cryptography fixes the following issues : CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2020:3592-1)
This update for python-cryptography fixes the following issues : CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
openSUSE Security Update : python-cryptography (openSUSE-2020-2173)
This update for python-cryptography fixes the following issues : - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package...
OPENSUSE-SU-2020:2173-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for python-cryptography (moderate)
openSUSE Security Update: Security update for python-cryptography Announcement ID: openSUSE-SU-2020:2173-1 Rating: moderate References: 1178168 Cross-References: CVE-2020-25659 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update...
SUSE-SU-2020:3629-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168...
SUSE-SU-2020:3592-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168...
MGASA-2020-0438 Updated python-cryptography packages fix security vulnerability
Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information CVE-2020-25659...
Updated python-cryptography packages fix security vulnerability
Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information CVE-2020-25659...