PYSEC-2023-112

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/cryptography/PYSEC-2023-112.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2023-112
Aliases
Published
2023-07-14T20:15:00Z
Modified
2023-11-08T04:13:07.382446Z
Summary
[none]
Details

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

References

Affected packages

PyPI / cryptography

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
40.0.0
Fixed
41.0.2

Affected versions

40.*

40.0.0
40.0.1
40.0.2

41.*

41.0.0
41.0.1