Уязвимость функций load_pem_pkcs7_certificates() и load_der_pkcs7_certificates() пакет cryptography, позволяющая нарушителю вызвать отказ в обслуживании

Множественные уязвимости salt

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.

cryptography is a package designed to expose cryptographic primitives ...

Security update for python-cryptography

Security update for python3-cryptography

Security update for python-cryptography

Уязвимость python3-cryptography

Moderate: python-cryptography security update

Moderate: python3.11-cryptography security update

Moderate: python3.11-cryptography security update

cryptography vulnerable to NULL-dereference when loading PKCS7 certificates

ELSA-2025-15874: python-cryptography security update (MODERATE)

ELSA-2025-14553: python-cryptography security update (MODERATE)

ELSA-2024-3105: python3.11-cryptography security update (MODERATE)

ELSA-2024-2337: python3.11-cryptography security update (MODERATE)

ELSA-2024-19480: python-cryptography security update (MODERATE)