Cryptography.io Cryptography 1.8.2 for Python

CPE Details

Cryptography.io Cryptography 1.8.2 for Python
cryptography.io
cryptography
1.8.2
2024-09-05
14h09 +00:00
2024-09-05
14h14 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cryptography.io:cryptography:1.8.2:*:*:*:*:python:*:*

Informations

Vendor

cryptography.io

Product

cryptography

Version

1.8.2

Target Software

python

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-50782 2024-02-05 20h45 +00:00 A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
7.5
Haute
CVE-2023-23931 2023-02-07 20h54 +00:00 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
6.5
Moyen
CVE-2020-36242 2021-02-07 18h50 +00:00 In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
9.1
Critique