Lucene search
K

4 matches found

UbuntuCve
UbuntuCve
added 2026/04/08 9:17 p.m.5 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS6AI score0.00652EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/08 8:49 p.m.5 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.5AI score0.00652EPSS
Exploits0
OSV
OSV
added 2026/04/08 8:49 p.m.1 views

CVE-2026-39892 cryptography has a buffer overflow if non-contiguous buffers were passed to APIs

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

6.9CVSS6.2AI score0.00652EPSS
Exploits0References24
Github Security Blog
Github Security Blog
added 2026/04/08 7:23 p.m.62 views

Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs

If a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. For example: python h = HashSHA256 b.updatebuf::-1 would read past the end of the buffer on Python 3.11...

9.8CVSS6.1AI score0.00652EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder