Описание
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
Ссылки
- Patch
- ExploitIssue TrackingPatchVendor Advisory
- PatchVendor Advisory
- Release Notes
- Patch
- ExploitIssue TrackingPatchVendor Advisory
- PatchVendor Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия от 40.0.0 (включая) до 41.0.2 (исключая)
cpe:2.3:a:cryptography.io:cryptography:*:*:*:*:*:python:*:*
EPSS
Процентиль: 71%
0.00706
Низкий
7.5 High
CVSS3
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 2 года назад
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
CVSS3: 7.5
redhat
почти 2 года назад
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
CVSS3: 7.5
debian
почти 2 года назад
The cryptography package before 41.0.2 for Python mishandles SSH certi ...
EPSS
Процентиль: 71%
0.00706
Низкий
7.5 High
CVSS3
Дефекты
CWE-295