OPENSUSE-SU-2021:0349-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2020-36242: Using the Fernet class to symmetrically encrypt multi gigabyte values could result in an integer overflow and buffer overflow bsc1182066. This update was imported from the SUSE:SLE-15-SP2:Update update project...

Security update for python-cryptography (important)

openSUSE Security Update: Security update for python-cryptography Announcement ID: openSUSE-SU-2021:0349-1 Rating: important References: 1182066 Cross-References: CVE-2020-36242 CVSS scores: CVE-2020-36242 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2020-36242 SUSE: 7.5...

SUSE-SU-2021:0594-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2020-36242: Using the Fernet class to symmetrically encrypt multi gigabyte values could result in an integer overflow and buffer overflow bsc1182066...

[SECURITY] Fedora 33 Update: python-cryptography-3.2.1-2.fc33

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

Fedora 33 : python-cryptography (2021-8e36e7ed1a)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-8e36e7ed1a advisory. - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an...

Fedora: Security Advisory for python-cryptography (FEDORA-2021-8e36e7ed1a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-36242

A buffer-overflow flaw was found in the python-cryptography package. In certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw...

DEBIAN-CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

CVE-2020-36242

The CVE refers to the Python cryptography package prior to 3.3.2. The issue arises from certain sequences of update() calls when symmetrically encrypting very large (multi-GB) payloads, which can trigger an integer overflow and buffer overflow, as demonstrated by the Fernet class. This affects cr...

python-cryptography input validation error vulnerability

python-cryptography is a Python code library for cryptographic applications from the Cryptographic team. An input validation error vulnerability exists in the python-cryptography package before 3.3.2 for Python, which originates from an integer overflow and a buffer overflow...

CVE-2020-25659 affecting package python-cryptography 2.3.1-4

CVE-2020-25659 affecting package python-cryptography 2.3.1-4. A patched version of the package is available...

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API via timed processing of valid PKCS#1 v1.5 ciphertext.

...

CVE-2020-25659

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

ALPINE-CVE-2020-25659

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

PYSEC-2021-62

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

CVE-2020-25659

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

CVE-2020-25659

CVE-2020-25659 affects python-cryptography 3.2, with a Bleichenbacher timing attack against the RSA decryption API (processing of valid PKCS#1 v1.5 ciphertext). Multiple connected advisories confirm the same issue and point to updated/ patched releases (e.g., python-cryptography 3.2.1 in AlmaLinu...

SUSE SLES12 Security Update : python-cryptography (SUSE-SU-2020:3629-1)

This update for python-cryptography fixes the following issues : CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2020:3592-1)

This update for python-cryptography fixes the following issues : CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

openSUSE Security Update : python-cryptography (openSUSE-2020-2173)

This update for python-cryptography fixes the following issues : - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package...