34 matches found
OESA-2023-1088 python-cryptography security update
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...
OESA-2023-1090 python-cryptography security update
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...
OESA-2023-1085 python-cryptography security update
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...
SUSE CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
Memory Corruption
cryptography is vulnerable to Memory Corruption. The vulnerability exists due to the updateinto function in ciphers.py, because it accepts objects which implement the buffer protocol, but provide only immutable buffers which would allow immutable objects to be mutated, resulting in corrupted...
DEBIAN-CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
AZL-13353 CVE-2023-23931 affecting package python-cryptography for versions less than 3.3.2-4
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
AZL-35127 CVE-2023-23931 affecting package python-cryptography for versions less than 3.3.2-5
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
ALPINE-CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
UBUNTU-CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
PYSEC-2023-11
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
PYSEC-2023-11
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
PT-2023-2766 · Pypi +10 · Cryptography +10
Name of the Vulnerable Software and Affected Versions: cryptography versions 1.8 through the latest version before the fix Description: The issue is related to the Cipher.update into function in the cryptography package, which would accept Python objects that implement the buffer protocol but...