Lucene search
K

34 matches found

OSV
OSV
added 2023/02/17 11:4 a.m.4 views

OESA-2023-1088 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...

6.5CVSS9AI score0.01301EPSS
Exploits1References2
OSV
OSV
added 2023/02/17 11:4 a.m.2 views

OESA-2023-1090 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...

6.5CVSS9AI score0.01301EPSS
Exploits1References2
OSV
OSV
added 2023/02/17 11:4 a.m.4 views

OESA-2023-1085 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which...

6.5CVSS9AI score0.01301EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.4 views

SUSE CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

4CVSS7.4AI score0.01301EPSS
Exploits1References25
Veracode
Veracode
added 2023/02/08 8:28 a.m.31 views

Memory Corruption

cryptography is vulnerable to Memory Corruption. The vulnerability exists due to the updateinto function in ciphers.py, because it accepts objects which implement the buffer protocol, but provide only immutable buffers which would allow immutable objects to be mutated, resulting in corrupted...

6.5CVSS6.7AI score0.01301EPSS
Exploits1References3Affected Software6
OSV
OSV
added 2023/02/07 9:15 p.m.2 views

DEBIAN-CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS6.5AI score0.01301EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 9:15 p.m.10 views

AZL-13353 CVE-2023-23931 affecting package python-cryptography for versions less than 3.3.2-4

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS6.7AI score0.01301EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 9:15 p.m.5 views

AZL-35127 CVE-2023-23931 affecting package python-cryptography for versions less than 3.3.2-5

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS6.7AI score0.01301EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 9:15 p.m.3 views

ALPINE-CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS7AI score0.01301EPSS
Exploits1References1
OSV
OSV
added 2023/02/07 9:15 p.m.4 views

UBUNTU-CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
OSV
OSV
added 2023/02/07 9:15 p.m.4 views

PYSEC-2023-11

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References3
PyPA
PyPA
added 2023/02/07 9:15 p.m.8 views

PYSEC-2023-11

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS8.2AI score0.01301EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/07 8:54 p.m.8 views

CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

4.8CVSS6.2AI score0.01301EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/07 12:0 a.m.18 views

PT-2023-2766 · Pypi +10 · Cryptography +10

Name of the Vulnerable Software and Affected Versions: cryptography versions 1.8 through the latest version before the fix Description: The issue is related to the Cipher.update into function in the cryptography package, which would accept Python objects that implement the buffer protocol but...

9.1CVSS6.7AI score0.92488EPSS
Exploits12References142
Rows per page
Query Builder