Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

5.3CVSS6.5AI score0.02605EPSS
Exploits0References20
PyPA
PyPA
added 2018/07/30 4:29 p.m.8 views

PYSEC-2018-52

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5CVSS6.4AI score0.02605EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2018/07/30 4:29 p.m.2 views

DEBIAN-CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5CVSS7.2AI score0.02605EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/07/20 12:0 a.m.3 views

PT-2018-10171 · Python +2 · Python-Cryptography +2

Name of the Vulnerable Software and Affected Versions: python-cryptography versions 1.9.0 through 2.3 Description: A flaw was found in the finalize with tag API, which did not enforce a minimum tag length. This allows an attacker to craft an invalid payload with a shortened tag, potentially leadi...

8.7CVSS6AI score0.02605EPSS
Exploits0References53
Rows per page
Query Builder