Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-r6ph-v2qm-q3c2
  • PyPI/cryptography
 cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves 5 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-79v4-65xg-pq4g
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels 11 Feb 2025
  • Fix available
GHSA-h4gh-qq45-vh27
  • PyPI/cryptography
 pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels 03 Sep 2024
  • Fix available
GHSA-6vqw-3v5j-54x4
  • PyPI/cryptography
 cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override 21 Feb 2024
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2024-225
  • PyPI/cryptography
  • github.com/pyca/cryptography
 See record for full details 21 Feb 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-3ww4-gg4f-jr7f
  • PyPI/cryptography
 Python Cryptography package vulnerable to Bleichenbacher timing oracle attack 05 Feb 2024
  • Fix available
  • Severity - 8.7 (High)
GHSA-9v9h-cgj8-h64p
  • PyPI/cryptography
 Null pointer dereference in PKCS12 parsing 26 Jan 2024
  • Fix available
  • Severity - 5.5 (Medium)
PYSEC-2023-254
  • PyPI/cryptography
  • github.com/pyca/cryptography
 See record for full details 29 Nov 2023
  • Fix available
  • Severity - 7.5 (High)
GHSA-jfhm-5ghh-2f97
  • PyPI/cryptography
 cryptography vulnerable to NULL-dereference when loading PKCS7 certificates 28 Nov 2023
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-v8gr-m533-ghj9
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels 21 Sep 2023
  • Fix available
GHSA-jm77-qphf-c4w8
  • PyPI/cryptography
 pyca/cryptography's wheels include vulnerable OpenSSL 01 Aug 2023
  • Fix available
GHSA-cf7p-gm2m-833m
  • PyPI/cryptography
 cryptography mishandles SSH certificates 14 Jul 2023
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2023-112
  • PyPI/cryptography
 See record for full details 14 Jul 2023
  • Fix available
GHSA-5cpq-8wj7-hf2v
  • PyPI/cryptography
 Vulnerable OpenSSL included in cryptography wheels 02 Jun 2023
  • Fix available
GHSA-x4qr-2fvf-3mr5
  • PyPI/cryptography
  • crates.io/openssl-src
 Vulnerable OpenSSL included in cryptography wheels 08 Feb 2023
  • Fix available
  • Severity - 7.4 (High)
GHSA-w7pp-m8wf-vj6r
  • PyPI/cryptography
 Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf 07 Feb 2023
  • Fix available
  • Severity - 6.9 (Medium)
Load more...(1 page left)