Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.19 views

RHEL 7 : python-cryptography (RHSA-2018:3600)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...

7.5CVSS6.8AI score0.03196EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.5 views

SUSE CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

5.3CVSS6.5AI score0.03196EPSS
Exploits0References20
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2018-0429)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.03196EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2020:0790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03196EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2020:0792-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03196EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2020/03/26 12:0 a.m.36 views

SUSE SLES12 Security Update : python-cffi, python-cryptography, python-xattr (SUSE-SU-2020:0790-1)

This update for python-cffi, python-cryptography and python-xattr fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...

7.5CVSS7.2AI score0.03196EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2020/03/26 12:0 a.m.36 views

SUSE SLES12 Security Update : python-cffi, python-cryptography (SUSE-SU-2020:0792-1)

This update for python-cffi, python-cryptography fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: fixed ...

7.5CVSS6.9AI score0.03196EPSS
Exploits0References11
OSV
OSV
added 2020/03/25 2:14 p.m.5 views

SUSE-SU-2020:0792-1 Security update for python-cffi, python-cryptography

This update for python-cffi, python-cryptography fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: - fixed...

7.5CVSS7.5AI score0.03196EPSS
Exploits0References9
OSV
OSV
added 2020/03/25 12:24 p.m.7 views

SUSE-SU-2020:0790-1 Security update for python-cffi, python-cryptography, python-xattr

This update for python-cffi, python-cryptography and python-xattr fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...

7.5CVSS7.5AI score0.03196EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2020/01/16 12:0 a.m.23 views

Photon OS 2.0: Python PHSA-2019-2.0-0198

An update of the python package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0198. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13297...

7.5CVSS6.8AI score0.03196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.23 views

openSUSE Security Update : python-cryptography (openSUSE-2019-857)

This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...

7.5CVSS6.6AI score0.03196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.27 views

SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2018:3392-1)

This update for python-cryptography fixes the following issues : CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...

7.5CVSS6.7AI score0.03196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/11/13 10:13 p.m.451 views

Moderate: Red Hat Security Advisory: python-cryptography security update

An update for python-cryptography is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS6.7AI score0.03196EPSS
Exploits0References2
Mageia
Mageia
added 2018/11/03 11:55 a.m.38 views

Updated python-cryptography packages fix security vulnerability

The python-cryptography and python-cryptography-vectors packages have been updated to version 2.3.1 and fixes the following security issue: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker...

7.5CVSS3AI score0.03196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.43 views

openSUSE Security Update : python-cryptography (openSUSE-2018-1281)

This update for python-cryptography fixes the following issues : - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. ...

7.5CVSS6.6AI score0.03196EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.17 views

openSUSE: Security Advisory for python-cryptography (openSUSE-SU-2018:3445-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.03196EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/25 6:17 p.m.366 views

Security update for python-cryptography (moderate)

This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...

5CVSS1.2AI score0.03196EPSS
Exploits0References1
OSV
OSV
added 2018/10/24 11:5 a.m.5 views

SUSE-SU-2018:3392-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...

7.5CVSS7.3AI score0.03196EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2018/07/31 6:28 p.m.4 views

aepp-sdk (>=0.18.0.3 <=0.18.0.4), aletheia (=0.0.1) +63 more potentially affected by CVE-2018-10903 via cryptography (>=1.9.0 <=2.2.2)

cryptography PYPI version =1.9.0, =0.18.0.3, =3.1.0, =0.2.0, =0.2.2, =0.7.1, =1.2.1.20160901, =0.8.0, =0.0.1, =0.5.4, =0.9.191, =0.7.0, =0.3.1, =0.4.0 and more Source cves: CVE-2018-10903 Source advisory: OSV:GHSA-FCF9-3QW3-GXMJ...

7.5CVSS6.7AI score0.03196EPSS
Exploits0
OSV
OSV
added 2018/07/30 4:29 p.m.3 views

DEBIAN-CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5CVSS7.2AI score0.03196EPSS
Exploits0References1
Rows per page
Query Builder