3 matches found
cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API
A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
AZL-6974 CVE-2021-30004 affecting package wpa_supplicant for versions less than 2.9-4
In wpasupplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c...