43 matches found
CVE-2026-34073
A flaw was found in the cryptography library. This vulnerability occurs because DNS Domain Name System name constraints were not properly validated against the "peer name" during certificate validation, only against Subject Alternative Names SANs within child certificates. This oversight could...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
PYSEC-2026-35
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
PYSEC-2026-35
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
DEBIAN-CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
ALPINE-CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
UBUNTU-CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073 cryptography has incomplete DNS name constraint enforcement on peer names
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073 cryptography has incomplete DNS name constraint enforcement on peer names
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
cryptography 信任管理问题漏洞
cryptography is a Python cryptographic authority open-source library. Versions of cryptography prior to 46.0.6 had a trust management vulnerability. This vulnerability stemmed from DNS name constraints verifying only the SAN within sub-certs, without verifying the peer names presented during each...
Cryptography Has Incomplete DNS Name Constraint Enforcement On Peer Names
Summary In versions of cryptography prior to 46.0.5, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography would allow a peer named "bar.example.com" to validate against a wildcard leaf...
cryptography has incomplete DNS name constraint enforcement on peer names
Summary In versions of cryptography prior to 46.0.5, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf...
GHSA-M959-CC7F-WV43 cryptography has incomplete DNS name constraint enforcement on peer names
Summary In versions of cryptography prior to 46.0.5, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf...
PT-2026-28601
Name of the Vulnerable Software and Affected Versions cryptography versions prior to 46.0.5 Description Versions of cryptography before 46.0.5 had a flaw in how DNS name constraints were validated. The validation only checked against Subject Alternative Names SANs in child certificates, not the...
EUVD-2023-39341
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-17187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl...' methods. Unless a verification mo...