Search for packages
| purl | pkg:deb/debian/python-cryptography@0?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-67ns-x8ut-cbdc | The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options. |
CVE-2023-38325
GHSA-cf7p-gm2m-833m PYSEC-2023-112 |
| VCID-dzvc-j4et-ukgu | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised. |
CVE-2024-26130
GHSA-6vqw-3v5j-54x4 PYSEC-2024-225 |
| VCID-z9ad-ts2t-1bdj | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7. |
CVE-2026-39892
GHSA-p423-j2cm-9vmq PYSEC-2026-36 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T17:08:12.804132+00:00 | Debian Importer | Fixing | VCID-z9ad-ts2t-1bdj | https://security-tracker.debian.org/tracker/data/json | 38.6.0 |
| 2026-06-04T17:08:12.644949+00:00 | Debian Importer | Fixing | VCID-dzvc-j4et-ukgu | https://security-tracker.debian.org/tracker/data/json | 38.6.0 |
| 2026-06-04T17:08:12.462891+00:00 | Debian Importer | Fixing | VCID-67ns-x8ut-cbdc | https://security-tracker.debian.org/tracker/data/json | 38.6.0 |