Latest vulnerabilities for "cryptography.io cryptography python"

Where

Sort:

Versions

1.8

3.1

38.0.0

45.0.0

pip/cryptographycryptography has a buffer overflow if non-contiguous buffers were passed to APIs

Risk 92

Severity

6.9

First published (updated )

CVE-2026-39892

pip/cryptographycryptography has incomplete DNS name constraint enforcement on peer names

Risk 29

Severity

1.7

First published (updated )

CVE-2026-34073

pip/cryptographycryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

Risk 33

Severity

8.2

EPSS

0.01%

First published (updated )

CVE-2026-26007

debian/python-cryptographycryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

Risk 32

Severity

7.5

EPSS

0.04%

First published (updated )

CVE-2024-26130

redhat Enterprise LinuxPython-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659

Risk 46

Severity

7.5

First published (updated )

CVE-2023-50782

ubuntu/python-cryptographycryptography vulnerable to NULL-dereference when loading PKCS7 certificates

Risk 47

Severity

7.5

First published (updated )

CVE-2023-49083

ubuntu/python-cryptographyCipher.update_into can corrupt memory in pyca cryptography

Risk 43

Severity

6.5

First published (updated )

CVE-2023-23931

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Trending

Versions

pip/cryptographycryptography has a buffer overflow if non-contiguous buffers were passed to APIs

pip/cryptographycryptography has incomplete DNS name constraint enforcement on peer names

pip/cryptographycryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

debian/python-cryptographycryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

redhat Enterprise LinuxPython-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659

Don't miss critical vulnerabilities

ubuntu/python-cryptographycryptography vulnerable to NULL-dereference when loading PKCS7 certificates

ubuntu/python-cryptographyCipher.update_into can corrupt memory in pyca cryptography

Company

Resources

Contact