cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as bytes) to ...
6.5CVSS
6.7AI Score
0.001EPSS
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
7.5CVSS
7.5AI Score
0.001EPSS
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling load_pem_pkcs7_certificates or load_der_pkcs7_certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Serv...
7.5CVSS
7.4AI Score
0.001EPSS