Lucene search
+L

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 10:5 p.m.11 views

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

8.2CVSS6.8AI score0.00341EPSS
Exploits0References6
OSV
OSV
added 2026/02/10 10:17 p.m.7 views

AZL-77454 CVE-2026-26007 affecting package python-cryptography for versions less than 42.0.5-4

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS6.9AI score0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 9:42 p.m.3 views

CVE-2026-26007 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS5.6AI score0.00341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-26007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or...

8.2CVSS6.9AI score0.00341EPSS
Exploits0References2
Rows per page
Query Builder