41 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-cryptography (UTSA-2026-017476)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017476 advisory. In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow a...
Astra Linux – Vulnerability in python-cryptography
In the cryptography package for Python before version 3.3.2, certain sequences of update calls to symmetrically encrypt multi-GB values could lead to integer overflows and buffer overflows, as demonstrated by the Fernet class...
EUVD-2016-0012
Malware in sbrugna...
EUVD-2021-0048
Malware in sbrugna...
Rocky Linux 8 : python-cryptography (RLSA-2021:1608)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1608 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
SUSE SLES15 Security Update : python-cryptography, python-cryptography-vectors (SUSE-SU-2023:0604-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0604-1 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid...
SUSE CVE-2020-36242
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...
PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration
Cybersecurity researchers have unearthed a new attack campaign that leverages a Python-based remote access trojan RAT to gain control over compromised systems since at least August 2022. "This malware is unique in its utilization of WebSockets to avoid detection and for both command-and-control C...
Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware
A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its "weak architecture and programming." Cryptonite, unlike other ransomware strains, is not available for sale on the cybercriminal underground, and was instead offered f...
Fedora: Security Advisory for golang-github-fernet (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-fernet-0-0.10.20200726giteff2850.fc36
Fernet takes a user-provided message an arbitrary sequence of bytes, a key 256 bits, and the current time, and produces a token, which contains the message in a form that can't be read or altered without the key...
Fedora: Security Advisory for golang-github-fernet (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-fernet-0-0.9.20200726giteff2850.fc35
Fernet takes a user-provided message an arbitrary sequence of bytes, a key 256 bits, and the current time, and produces a token, which contains the message in a form that can't be read or altered without the key...
Fedora: Security Advisory for golang-github-fernet (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-fernet-0-0.9.20200726giteff2850.fc36
Fernet takes a user-provided message an arbitrary sequence of bytes, a key 256 bits, and the current time, and produces a token, which contains the message in a form that can't be read or altered without the key...
OpenStack Identity Keystone Improper Access Control
The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2252)
According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could...
Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2278)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.1 : python-cryptography (EulerOS-SA-2021-2178)
According to the version of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB...
OESA-2021-1089 python-cryptography security update
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer...