{"url":"http://public2.vulnerablecode.io/api/packages/48841?format=json","purl":"pkg:pypi/cryptography@0.8","type":"pypi","namespace":"","name":"cryptography","version":"0.8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"46.0.7","latest_non_vulnerable_version":"46.0.7","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18373?format=json","vulnerability_id":"VCID-17bx-vqxs-tfhj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26130.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-26130","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64782","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64679","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-26130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2024-225.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2024-225.yaml"},{"reference_url":"https://github.com/pyca/cryptography/pull/10423","reference_id":"10423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-14T19:56:07Z/"}],"url":"https://github.com/pyca/cryptography/pull/10423"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064778","reference_id":"1064778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269617","reference_id":"2269617","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269617"},{"reference_url":"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55","reference_id":"97d231672763cdb5959a3b191e692a362f1b9e55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-14T19:56:07Z/"}],"url":"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26130","reference_id":"CVE-2024-26130","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26130"},{"reference_url":"https://github.com/advisories/GHSA-6vqw-3v5j-54x4","reference_id":"GHSA-6vqw-3v5j-54x4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6vqw-3v5j-54x4"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4","reference_id":"GHSA-6vqw-3v5j-54x4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-14T19:56:07Z/"}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"},{"reference_url":"https://security.gentoo.org/glsa/202407-06","reference_id":"GLSA-202407-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3781","reference_id":"RHSA-2024:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7987","reference_id":"RHSA-2024:7987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1335","reference_id":"RHSA-2025:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15608","reference_id":"RHSA-2025:15608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15608"},{"reference_url":"https://usn.ubuntu.com/6673-1/","reference_id":"USN-6673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6673-1/"},{"reference_url":"https://usn.ubuntu.com/6673-3/","reference_id":"USN-6673-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6673-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29256?format=json","purl":"pkg:pypi/cryptography@42.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1fsa-y66v-nfcn"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-zxsw-as6f-cbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@42.0.4"}],"aliases":["CVE-2024-26130","GHSA-6vqw-3v5j-54x4","PYSEC-2024-225"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17bx-vqxs-tfhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18007?format=json","vulnerability_id":"VCID-1q8r-54xd-9kgq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0727","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42477","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42313","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0727"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-277137.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-277137.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2"},{"reference_url":"https://github.com/github/advisory-database/pull/3472","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/pull/3472"},{"reference_url":"https://github.com/openssl/openssl/pull/23362","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openssl/openssl/pull/23362"},{"reference_url":"https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240208-0006","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240208-0006"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8","reference_id":"03b3941d60c4bce58fab69a0c22377ab439bc0e8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8"},{"reference_url":"https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2","reference_id":"09df4395b5071217b76dc7d3d2e630eb8c5a79c2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582","reference_id":"1061582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582"},{"reference_url":"https://www.openssl.org/news/secadv/20240125.txt","reference_id":"20240125.txt","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://www.openssl.org/news/secadv/20240125.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2259944","reference_id":"2259944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2259944"},{"reference_url":"https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a","reference_id":"775acfdbd0c6af9ac855f34969cdab0c0c90844a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539","reference_id":"aebaa5883e31122b404e450732dc833dc9dee539","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0727","reference_id":"CVE-2024-0727","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0727"},{"reference_url":"https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c","reference_id":"d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/"}],"url":"https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c"},{"reference_url":"https://github.com/advisories/GHSA-9v9h-cgj8-h64p","reference_id":"GHSA-9v9h-cgj8-h64p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9v9h-cgj8-h64p"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2447","reference_id":"RHSA-2024:2447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9088","reference_id":"RHSA-2024:9088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9088"},{"reference_url":"https://usn.ubuntu.com/6622-1/","reference_id":"USN-6622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6622-1/"},{"reference_url":"https://usn.ubuntu.com/6632-1/","reference_id":"USN-6632-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6632-1/"},{"reference_url":"https://usn.ubuntu.com/6709-1/","reference_id":"USN-6709-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6709-1/"},{"reference_url":"https://usn.ubuntu.com/7018-1/","reference_id":"USN-7018-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7018-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28595?format=json","purl":"pkg:pypi/cryptography@42.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17bx-vqxs-tfhj"},{"vulnerability":"VCID-1fsa-y66v-nfcn"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-zxsw-as6f-cbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@42.0.2"}],"aliases":["CVE-2024-0727","GHSA-9v9h-cgj8-h64p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1q8r-54xd-9kgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204606?format=json","vulnerability_id":"VCID-361f-xedm-8uf8","summary":"HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9243.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9243","reference_id":"","reference_type":"","scores":[{"value":"0.0165","scoring_system":"epss","scoring_elements":"0.82482","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0165","scoring_system":"epss","scoring_elements":"0.8242","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9243"},{"reference_url":"https://cryptography.io/en/latest/changelog","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cryptography.io/en/latest/changelog"},{"reference_url":"https://cryptography.io/en/latest/changelog/#v1-5-3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cryptography.io/en/latest/changelog/#v1-5-3"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243"},{"reference_url":"https://github.com/advisories/GHSA-q3cj-2r34-2cwc","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q3cj-2r34-2cwc"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874"},{"reference_url":"https://github.com/pyca/cryptography/issues/3211","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/issues/3211"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2017-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2017-8.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9243","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9243"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/09/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/11/09/2"},{"reference_url":"http://www.securityfocus.com/bid/94216","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/94216"},{"reference_url":"http://www.ubuntu.com/usn/USN-3138-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-3138-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393431","reference_id":"1393431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393431"},{"reference_url":"https://usn.ubuntu.com/3138-1/","reference_id":"USN-3138-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3138-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48870?format=json","purl":"pkg:pypi/cryptography@1.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-3bkk-xmkv-gfe7"},{"vulnerability":"VCID-6pw5-g8v8-t7hg"},{"vulnerability":"VCID-8xnp-e1zg-2khp"},{"vulnerability":"VCID-depm-jqfg-3kfg"},{"vulnerability":"VCID-mdxb-6a33-kyfr"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.3"}],"aliases":["CVE-2016-9243","GHSA-q3cj-2r34-2cwc","PYSEC-2017-8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-361f-xedm-8uf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8227?format=json","vulnerability_id":"VCID-6pw5-g8v8-t7hg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25659","reference_id":"","reference_type":"","scores":[{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73794","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73868","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494"},{"reference_url":"https://github.com/pyca/cryptography/pull/5507","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/pull/5507"},{"reference_url":"https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml"},{"reference_url":"https://pypi.org/project/cryptography","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/cryptography"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889988","reference_id":"1889988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889988"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247","reference_id":"973247","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25659","reference_id":"CVE-2020-25659","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25659"},{"reference_url":"https://github.com/advisories/GHSA-hggm-jpg3-v476","reference_id":"GHSA-hggm-jpg3-v476","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hggm-jpg3-v476"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476","reference_id":"GHSA-hggm-jpg3-v476","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1608","reference_id":"RHSA-2021:1608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2239","reference_id":"RHSA-2021:2239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2239"},{"reference_url":"https://usn.ubuntu.com/4613-1/","reference_id":"USN-4613-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4613-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/17953?format=json","purl":"pkg:pypi/cryptography@3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17bx-vqxs-tfhj"},{"vulnerability":"VCID-1866-qzmz-c7cu"},{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-3bkk-xmkv-gfe7"},{"vulnerability":"VCID-6pw5-g8v8-t7hg"},{"vulnerability":"VCID-8xnp-e1zg-2khp"},{"vulnerability":"VCID-9vdx-zu46-nydb"},{"vulnerability":"VCID-depm-jqfg-3kfg"},{"vulnerability":"VCID-mdxb-6a33-kyfr"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-qpnp-4tye-27gu"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-v339-bjun-z3d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/62256?format=json","purl":"pkg:pypi/cryptography@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1866-qzmz-c7cu"},{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-3bkk-xmkv-gfe7"},{"vulnerability":"VCID-8xnp-e1zg-2khp"},{"vulnerability":"VCID-9vdx-zu46-nydb"},{"vulnerability":"VCID-depm-jqfg-3kfg"},{"vulnerability":"VCID-mdxb-6a33-kyfr"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-qpnp-4tye-27gu"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-v339-bjun-z3d3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@3.2.1"}],"aliases":["CVE-2020-25659","GHSA-hggm-jpg3-v476","PYSEC-2021-62"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pw5-g8v8-t7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360998?format=json","vulnerability_id":"VCID-8xnp-e1zg-2khp","summary":"pyca/cryptography's wheels include vulnerable OpenSSL\npyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8-41.0.2 are vulnerable to several security issues. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20230731.txt, https://www.openssl.org/news/secadv/20230719.txt, and https://www.openssl.org/news/secadv/20230714.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.","references":[{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d"},{"reference_url":"https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-jm77-qphf-c4w8","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-jm77-qphf-c4w8"},{"reference_url":"https://github.com/advisories/GHSA-jm77-qphf-c4w8","reference_id":"GHSA-jm77-qphf-c4w8","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jm77-qphf-c4w8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81116?format=json","purl":"pkg:pypi/cryptography@41.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17bx-vqxs-tfhj"},{"vulnerability":"VCID-1866-qzmz-c7cu"},{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-depm-jqfg-3kfg"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-qpnp-4tye-27gu"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-zxsw-as6f-cbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@41.0.3"}],"aliases":["GHSA-jm77-qphf-c4w8","GMS-2023-1898"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xnp-e1zg-2khp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16136?format=json","vulnerability_id":"VCID-depm-jqfg-3kfg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50782.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50782","reference_id":"","reference_type":"","scores":[{"value":"0.00855","scoring_system":"epss","scoring_elements":"0.75465","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00855","scoring_system":"epss","scoring_elements":"0.75394","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50782"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/issues/9785","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/issues/9785"},{"reference_url":"https://www.couchbase.com/alerts","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.couchbase.com/alerts"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059308","reference_id":"1059308","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059308"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2","reference_id":"cpe:/a:redhat:ansible_automation_platform:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:4::el8","reference_id":"cpe:/a:redhat:rhui:4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6","reference_id":"cpe:/a:redhat:satellite:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50782","reference_id":"CVE-2023-50782","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T16:14:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50782"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-50782","reference_id":"CVE-2023-50782","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-50782"},{"reference_url":"https://github.com/advisories/GHSA-3ww4-gg4f-jr7f","reference_id":"GHSA-3ww4-gg4f-jr7f","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3ww4-gg4f-jr7f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254432","reference_id":"show_bug.cgi?id=2254432","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T16:14:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254432"},{"reference_url":"https://usn.ubuntu.com/6673-1/","reference_id":"USN-6673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6673-1/"},{"reference_url":"https://usn.ubuntu.com/6673-2/","reference_id":"USN-6673-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6673-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28760?format=json","purl":"pkg:pypi/cryptography@42.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17bx-vqxs-tfhj"},{"vulnerability":"VCID-1fsa-y66v-nfcn"},{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-zxsw-as6f-cbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@42.0.0"}],"aliases":["CVE-2023-50782","GHSA-3ww4-gg4f-jr7f"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-depm-jqfg-3kfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/361101?format=json","vulnerability_id":"VCID-mdxb-6a33-kyfr","summary":"Vulnerable OpenSSL included in cryptography wheels\npyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.5-40.0.2 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://www.openssl.org/news/secadv/20230530.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.","references":[{"reference_url":"https://cryptography.io/en/latest/changelog/#v41-0-0","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cryptography.io/en/latest/changelog/#v41-0-0"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-5cpq-8wj7-hf2v","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-5cpq-8wj7-hf2v"},{"reference_url":"https://github.com/advisories/GHSA-5cpq-8wj7-hf2v","reference_id":"GHSA-5cpq-8wj7-hf2v","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5cpq-8wj7-hf2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77208?format=json","purl":"pkg:pypi/cryptography@41.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17bx-vqxs-tfhj"},{"vulnerability":"VCID-1866-qzmz-c7cu"},{"vulnerability":"VCID-1q8r-54xd-9kgq"},{"vulnerability":"VCID-2j5b-f6w5-3bft"},{"vulnerability":"VCID-8xnp-e1zg-2khp"},{"vulnerability":"VCID-depm-jqfg-3kfg"},{"vulnerability":"VCID-nrz6-3fxy-6uen"},{"vulnerability":"VCID-qpnp-4tye-27gu"},{"vulnerability":"VCID-r7nw-s3b2-1ffh"},{"vulnerability":"VCID-zxsw-as6f-cbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@41.0.0"}],"aliases":["GHSA-5cpq-8wj7-hf2v","GMS-2023-1778"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdxb-6a33-kyfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28312?format=json","vulnerability_id":"VCID-nrz6-3fxy-6uen","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34073.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34073","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01115","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01114","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2026-35.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2026-35.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34073","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34073"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453276","reference_id":"2453276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453276"},{"reference_url":"https://github.com/advisories/GHSA-m959-cc7f-wv43","reference_id":"GHSA-m959-cc7f-wv43","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m959-cc7f-wv43"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43","reference_id":"GHSA-m959-cc7f-wv43","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:50:17Z/"}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7295","reference_id":"RHSA-2026:7295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7295"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/91788?format=json","purl":"pkg:pypi/cryptography@46.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16k8-qnne-r7fj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@46.0.6"}],"aliases":["CVE-2026-34073","GHSA-m959-cc7f-wv43","PYSEC-2026-35"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrz6-3fxy-6uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27469?format=json","vulnerability_id":"VCID-r7nw-s3b2-1ffh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26007.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26007","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01386","published_at":"2026-06-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00969","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/releases/tag/46.0.5","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/releases/tag/46.0.5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2026/02/10/4","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2026/02/10/4"},{"reference_url":"https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c","reference_id":"0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:28:38Z/"}],"url":"https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127926","reference_id":"1127926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438762","reference_id":"2438762","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438762"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26007","reference_id":"CVE-2026-26007","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26007"},{"reference_url":"https://github.com/advisories/GHSA-r6ph-v2qm-q3c2","reference_id":"GHSA-r6ph-v2qm-q3c2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r6ph-v2qm-q3c2"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2","reference_id":"GHSA-r6ph-v2qm-q3c2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:28:38Z/"}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12176","reference_id":"RHSA-2026:12176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13512","reference_id":"RHSA-2026:13512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13553","reference_id":"RHSA-2026:13553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13672","reference_id":"RHSA-2026:13672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19355","reference_id":"RHSA-2026:19355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21431","reference_id":"RHSA-2026:21431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21517","reference_id":"RHSA-2026:21517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22330","reference_id":"RHSA-2026:22330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22993","reference_id":"RHSA-2026:22993","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2694","reference_id":"RHSA-2026:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5168","reference_id":"RHSA-2026:5168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5665","reference_id":"RHSA-2026:5665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6308","reference_id":"RHSA-2026:6308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6309","reference_id":"RHSA-2026:6309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6404","reference_id":"RHSA-2026:6404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6497","reference_id":"RHSA-2026:6497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6567","reference_id":"RHSA-2026:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7295","reference_id":"RHSA-2026:7295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7295"},{"reference_url":"https://usn.ubuntu.com/8087-1/","reference_id":"USN-8087-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8087-1/"},{"reference_url":"https://usn.ubuntu.com/8087-3/","reference_id":"USN-8087-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8087-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39064?format=json","purl":"pkg:pypi/cryptography@46.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16k8-qnne-r7fj"},{"vulnerability":"VCID-nrz6-3fxy-6uen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@46.0.5"}],"aliases":["CVE-2026-26007","GHSA-r6ph-v2qm-q3c2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7nw-s3b2-1ffh"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.8"}