115 matches found
PT-2026-31459
Name of the Vulnerable Software and Affected Versions cryptography versions 45.0.0 through 46.0.6 Description The cryptography package, designed for cryptographic primitives in Python, contains a flaw where non-contiguous buffers passed to APIs accepting Python buffers e.g., Hash.update can lead ...
Security Bulletin: There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-26007)
Summary There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes...
PYSEC-2026-35
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
Linux Distros Unpatched Vulnerability : CVE-2026-34073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only...
[SECURITY] Fedora 44 Update: python-cryptography-46.0.6-1.fc44
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...
[SECURITY] Fedora 43 Update: python-cryptography-46.0.5-1.fc43
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...
CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
DEBIAN-CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
AZL-77454 CVE-2026-26007 affecting package python-cryptography for versions less than 42.0.5-4
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2026-26007 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2026-26007 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
MiracleLinux 8 : python3.11-cryptography-37.0.2-6.el8 (AXSA:2024-8275:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8275:02 advisory. python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 Tenable has extracted the preceding description block directly from the...
EUVD-2023-0058
Malicious code in bioql PyPI...
EUVD-2023-0060
Malicious code in bioql PyPI...
EUVD-2023-0059
Malicious code in bioql PyPI...