Astra Linux – Vulnerability in python-cryptography

In the cryptography package for Python before version 3.3.2, certain sequences of update calls to symmetrically encrypt multi-GB values could lead to integer overflows and buffer overflows, as demonstrated by the Fernet class...

EUVD-2021-0048

Malware in sbrugna...

Rocky Linux 8 : python-cryptography (RLSA-2021:1608)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1608 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

SUSE SLES15 Security Update : python-cryptography, python-cryptography-vectors (SUSE-SU-2023:0604-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0604-1 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2021-2278)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2252)

According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could...

EulerOS Virtualization 2.9.1 : python-cryptography (EulerOS-SA-2021-2178)

According to the version of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB...

OESA-2021-1089 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer...

In the cryptography package before 3.3.2 for Python certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow as demonstrated by the Fernet class.

...

DEBIAN-CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

UBUNTU-CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

PYSEC-2021-63

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

PYSEC-2021-63

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

CVE-2020-36242

The CVE refers to the Python cryptography package prior to 3.3.2. The issue arises from certain sequences of update() calls when symmetrically encrypting very large (multi-GB) payloads, which can trigger an integer overflow and buffer overflow, as demonstrated by the Fernet class. This affects cr...

PT-2021-7287

Name of the Vulnerable Software and Affected Versions cryptography versions prior to 3.3.2 Description The issue is related to an integer overflow in the cryptography package for Python. This overflow can occur when certain sequences of update calls are made to symmetrically encrypt multi-GB...