22 matches found
RHEL 7 : python-cryptography (RHSA-2018:3600)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...
SUSE CVE-2018-10903
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
Mageia: Security Advisory (MGASA-2018-0429)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0790-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0792-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : python-cffi, python-cryptography, python-xattr (SUSE-SU-2020:0790-1)
This update for python-cffi, python-cryptography and python-xattr fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...
SUSE SLES12 Security Update : python-cffi, python-cryptography (SUSE-SU-2020:0792-1)
This update for python-cffi, python-cryptography fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: fixed ...
SUSE-SU-2020:0792-1 Security update for python-cffi, python-cryptography
This update for python-cffi, python-cryptography fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: - fixed...
SUSE-SU-2020:0790-1 Security update for python-cffi, python-cryptography, python-xattr
This update for python-cffi, python-cryptography and python-xattr fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...
Photon OS 2.0: Python PHSA-2019-2.0-0198
An update of the python package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0198. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13297...
openSUSE Security Update : python-cryptography (openSUSE-2019-857)
This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...
SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2018:3392-1)
This update for python-cryptography fixes the following issues : CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...
Moderate: Red Hat Security Advisory: python-cryptography security update
An update for python-cryptography is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Updated python-cryptography packages fix security vulnerability
The python-cryptography and python-cryptography-vectors packages have been updated to version 2.3.1 and fixes the following security issue: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker...
openSUSE Security Update : python-cryptography (openSUSE-2018-1281)
This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...
openSUSE: Security Advisory for python-cryptography (openSUSE-SU-2018:3445-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for python-cryptography (moderate)
This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...
SUSE-SU-2018:3392-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...
aepp-sdk (>=0.18.0.3 <=0.18.0.4), aletheia (=0.0.1) +63 more potentially affected by CVE-2018-10903 via cryptography (>=1.9.0 <=2.2.2)
cryptography PYPI version =1.9.0, =0.18.0.3, =3.1.0, =0.2.0, =0.2.2, =0.7.1, =1.2.1.20160901, =0.8.0, =0.0.1, =0.5.4, =0.9.191, =0.7.0, =0.3.1, =0.4.0 and more Source cves: CVE-2018-10903 Source advisory: OSV:GHSA-FCF9-3QW3-GXMJ...
DEBIAN-CVE-2018-10903
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...