EUVD-2018-0030

Malware in sbrugna...

CVE-2022-50306

CVE-2022-50306 concerns a Linux kernel issue in ext4 where ext4_fc_replay_scan() could perform an out-of-bounds read during journal scan if the remaining space is smaller than EXT4_FC_TAG_BASE_LEN. The root cause is insufficient bounds checking for the three journal scan tags (ADD_RANGE/HEAD/TAIL...

SUSE SLED15 / SLES15 Security Update : python-cryptography, python-cryptography-vectors (SUSE-SU-2022:4044-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4044-1 advisory. - A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a...

GHSA-FCF9-3QW3-GXMJ PyCA Cryptography vulnerable to GCM tag forgery

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

PT-2018-10171 · Python +2 · Python-Cryptography +2

Name of the Vulnerable Software and Affected Versions: python-cryptography versions 1.9.0 through 2.3 Description: A flaw was found in the finalize with tag API, which did not enforce a minimum tag length. This allows an attacker to craft an invalid payload with a shortened tag, potentially leadi...