Количество 16
Количество 16
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
CVE-2023-23931
CVE-2023-23931
cryptography is a package designed to expose cryptographic primitives ...
SUSE-SU-2023:1767-1
Security update for python-cryptography
SUSE-SU-2023:1763-1
Security update for python-cryptography
SUSE-SU-2023:0837-1
Security update for python-cffi
SUSE-SU-2023:0737-1
Security update for python-cryptography
SUSE-SU-2023:0722-1
Security update for python-cryptography
GHSA-w7pp-m8wf-vj6r
Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf
ELSA-2023-7096
ELSA-2023-7096: python-cryptography security update (MODERATE)
ELSA-2023-6615
ELSA-2023-6615: python-cryptography security update (MODERATE)
BDU:2023-02656
Уязвимость функции Cipher.update_into пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю оказать воздействие на целостность и доступность выходных данных
ELSA-2024-2985
ELSA-2024-2985: python39:3.9 and python39-devel:3.9 security update (MODERATE)
ROS-20230620-06
Множественные уязвимости python3-cryptography
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8. | CVSS3: 4.8 | 1% Низкий | больше 2 лет назад |
 | CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8. | CVSS3: 6.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8. | CVSS3: 4.8 | 1% Низкий | больше 2 лет назад |
 | CVSS3: 6.5 | 1% Низкий | 12 месяцев назад | |
| CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives ... | CVSS3: 4.8 | 1% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:1767-1 Security update for python-cryptography | 1% Низкий | около 2 лет назад | |
| SUSE-SU-2023:1763-1 Security update for python-cryptography | 1% Низкий | около 2 лет назад | |
| SUSE-SU-2023:0837-1 Security update for python-cffi | 1% Низкий | около 2 лет назад | |
| SUSE-SU-2023:0737-1 Security update for python-cryptography | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0722-1 Security update for python-cryptography | 1% Низкий | больше 2 лет назад | |
| GHSA-w7pp-m8wf-vj6r Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf | CVSS3: 6.5 | 1% Низкий | больше 2 лет назад |
| ELSA-2023-7096 ELSA-2023-7096: python-cryptography security update (MODERATE) | больше 1 года назад | ||
| ELSA-2023-6615 ELSA-2023-6615: python-cryptography security update (MODERATE) | больше 1 года назад | ||
 | BDU:2023-02656 Уязвимость функции Cipher.update_into пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю оказать воздействие на целостность и доступность выходных данных | CVSS3: 6.5 | 1% Низкий | больше 2 лет назад |
| ELSA-2024-2985 ELSA-2024-2985: python39:3.9 and python39-devel:3.9 security update (MODERATE) | около 1 года назад | ||
 | ROS-20230620-06 Множественные уязвимости python3-cryptography | CVSS3: 9.1 | почти 2 года назад |
Уязвимостей на страницу