Количество 10
Количество 10
CVE-2024-26130
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
CVE-2024-26130
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
CVE-2024-26130
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
CVE-2024-26130
cryptography is a package designed to expose cryptographic primitives ...
SUSE-SU-2024:2138-1
Security update for python-cryptography
SUSE-SU-2024:0763-1
Security update for python-cryptography
ROS-20240422-02
Уязвимость python3-cryptography
GHSA-6vqw-3v5j-54x4
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
ELSA-2025-20364
ELSA-2025-20364: python3.12-cryptography security update (IMPORTANT)
BDU:2024-03237
Уязвимость функций pkcs12.serialize_key_and_certificates пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю вызвать сбой процесса Python
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-26130 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-26130 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-26130 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-26130 cryptography is a package designed to expose cryptographic primitives ... | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:2138-1 Security update for python-cryptography | 0% Низкий | около 1 года назад | |
| SUSE-SU-2024:0763-1 Security update for python-cryptography | 0% Низкий | больше 1 года назад | |
 | ROS-20240422-02 Уязвимость python3-cryptography | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| GHSA-6vqw-3v5j-54x4 cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| ELSA-2025-20364 ELSA-2025-20364: python3.12-cryptography security update (IMPORTANT) | 21 день назад | ||
 | BDU:2024-03237 Уязвимость функций pkcs12.serialize_key_and_certificates пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю вызвать сбой процесса Python | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу