Vulnerability Library

search
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-6vqw-3v5j-54x4
  • PyPI/cryptography
 cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
  • 38.0.0
  • 38.0.1
  • 38.0.2
  • 38.0.3
  • 38.0.4
  • 39.0.0
  • 39.0.1
  • ...
 2024-02-21T18:04:40Z Fix available
GHSA-3ww4-gg4f-jr7f
  • PyPI/cryptography
 Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
  • 0.1
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3
  • 0.4
  • 0.5
  • ...
 2024-02-05T21:30:31Z Fix available
GHSA-9v9h-cgj8-h64p
  • PyPI/cryptography
 Null pointer dereference in PKCS12 parsing
  • 0.1
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3
  • 0.4
  • 0.5
  • ...
 2024-01-26T09:30:23Z Fix available
PYSEC-2023-254
  • github.com/pyca/cryptography
  • PyPI/cryptography
 See record for full details
  • 3.1
  • 3.1.1
  • 3.2
  • 3.2.1
  • 3.3
  • 3.3.1
  • 3.3.2
  • ...
 2023-11-29T19:15:00Z Fix available
GHSA-jfhm-5ghh-2f97
  • PyPI/cryptography
 cryptography vulnerable to NULL-dereference when loading PKCS7 certificates
  • 3.1
  • 3.1.1
  • 3.2
  • 3.2.1
  • 3.3
  • 3.3.1
  • 3.3.2
  • ...
 2023-11-28T20:46:46Z Fix available
GHSA-v8gr-m533-ghj9
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels
  • 2.5
  • 2.6
  • 2.6.1
  • 2.7
  • 2.8
  • 2.9
  • 2.9.1
  • ...
 2023-09-21T17:07:01Z Fix available
GHSA-jm77-qphf-c4w8
  • PyPI/cryptography
 pyca/cryptography's wheels include vulnerable OpenSSL
  • 0.8
  • 0.8.1
  • 0.8.2
  • 0.9
  • 0.9.1
  • 0.9.2
  • 0.9.3
  • ...
 2023-08-01T22:34:41Z Fix available
GHSA-cf7p-gm2m-833m
  • PyPI/cryptography
 cryptography mishandles SSH certificates
  • 40.0.0
  • 40.0.1
  • 40.0.2
  • 41.0.0
  • 41.0.1
 2023-07-14T21:31:08Z Fix available
PYSEC-2023-112
  • PyPI/cryptography
 See record for full details
  • 40.0.0
  • 40.0.1
  • 40.0.2
  • 41.0.0
  • 41.0.1
 2023-07-14T20:15:00Z Fix available
GHSA-5cpq-8wj7-hf2v
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels
  • 0.5
  • 0.5.1
  • 0.5.2
  • 0.5.3
  • 0.5.4
  • 0.6
  • 0.6.1
  • ...
 2023-06-02T17:13:10Z Fix available
GHSA-x4qr-2fvf-3mr5
  • PyPI/cryptography
  • crates.io/openssl-src
 Vulnerable OpenSSL included in cryptography wheels
  • 0.8.1
  • 0.8.2
  • 0.9
  • 0.9.1
  • 0.9.2
  • 0.9.3
  • 1.0
  • ...
 2023-02-08T22:17:06Z Fix available
GHSA-w7pp-m8wf-vj6r
  • PyPI/cryptography
 Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf
  • 1.8
  • 1.8.1
  • 1.8.2
  • 1.9
  • 2.0
  • 2.0.1
  • 2.0.2
  • ...
 2023-02-07T20:54:10Z Fix available
GHSA-39hc-v87j-747x
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels
  • 37.0.0
  • 37.0.1
  • 37.0.2
  • 37.0.3
  • 37.0.4
  • 38.0.0
  • 38.0.1
  • ...
 2022-11-02T18:11:56Z Fix available
GHSA-q3cj-2r34-2cwc
  • PyPI/cryptography
 Improper input validation in cryptography
  • 0.1
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3
  • 0.4
  • 0.5
  • ...
 2022-05-17T02:51:56Z Fix available
GHSA-rhm9-p9w5-fwm7
  • PyPI/cryptography
 PyCA Cryptography symmetrically encrypting large values can lead to integer overflow
  • 3.1
  • 3.1.1
  • 3.2
  • 3.2.1
  • 3.3
  • 3.3.1
 2021-02-10T01:32:27Z Fix available
PYSEC-2021-63
  • PyPI/cryptography
 See record for full details
  • 3.1
  • 3.1.1
  • 3.2
  • 3.2.1
  • 3.3
  • 3.3.1
 2021-02-07T20:15:00Z Fix available
Load more...(1 page left)