5 matches found
EUVD-2018-0030
Malware in sbrugna...
CVE-2022-50306
CVE-2022-50306 concerns a Linux kernel issue in ext4 where ext4_fc_replay_scan() could perform an out-of-bounds read during journal scan if the remaining space is smaller than EXT4_FC_TAG_BASE_LEN. The root cause is insufficient bounds checking for the three journal scan tags (ADD_RANGE/HEAD/TAIL...
SUSE SLED15: python2-cryptography / python2-cryptography-vectors / etc (SUSE-SU-2022:4044-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4044-1 advisory. - Update in SLE-15 bsc1177083, jscPM-2730, jscSLE-18312 - Refresh patches for new version - Update in...
GHSA-FCF9-3QW3-GXMJ PyCA Cryptography vulnerable to GCM tag forgery
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
PT-2018-10171 · Python +2 · Python-Cryptography +2
Name of the Vulnerable Software and Affected Versions: python-cryptography versions 1.9.0 through 2.3 Description: A flaw was found in the finalize with tag API, which did not enforce a minimum tag length. This allows an attacker to craft an invalid payload with a shortened tag, potentially leadi...