Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/cryptography@1.5.2
Typepypi
Namespace
Namecryptography
Version1.5.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version46.0.7
Latest_non_vulnerable_version46.0.7
Affected_by_vulnerabilities
0
url VCID-1q8r-54xd-9kgq
vulnerability_id VCID-1q8r-54xd-9kgq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
reference_id
reference_type
scores
0
value 0.00202
scoring_system epss
scoring_elements 0.42477
published_at 2026-06-12T12:55:00Z
1
value 0.00202
scoring_system epss
scoring_elements 0.42489
published_at 2026-06-14T12:55:00Z
2
value 0.00202
scoring_system epss
scoring_elements 0.425
published_at 2026-06-13T12:55:00Z
3
value 0.00202
scoring_system epss
scoring_elements 0.42313
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
2
reference_url https://cert-portal.siemens.com/productcert/html/ssa-265688.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-265688.html
3
reference_url https://cert-portal.siemens.com/productcert/html/ssa-277137.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-277137.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
7
reference_url https://github.com/github/advisory-database/pull/3472
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/3472
8
reference_url https://github.com/openssl/openssl/pull/23362
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/pull/23362
9
reference_url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
10
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
11
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
12
reference_url https://security.netapp.com/advisory/ntap-20240208-0006
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240208-0006
13
reference_url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
reference_id 03b3941d60c4bce58fab69a0c22377ab439bc0e8
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
14
reference_url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
reference_id 09df4395b5071217b76dc7d3d2e630eb8c5a79c2
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
reference_id 1061582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
16
reference_url https://www.openssl.org/news/secadv/20240125.txt
reference_id 20240125.txt
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://www.openssl.org/news/secadv/20240125.txt
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
reference_id 2259944
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
18
reference_url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
reference_id 775acfdbd0c6af9ac855f34969cdab0c0c90844a
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
19
reference_url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
reference_id aebaa5883e31122b404e450732dc833dc9dee539
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
reference_id CVE-2024-0727
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
21
reference_url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
reference_id d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
22
reference_url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
reference_id GHSA-9v9h-cgj8-h64p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
23
reference_url https://access.redhat.com/errata/RHSA-2024:2447
reference_id RHSA-2024:2447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2447
24
reference_url https://access.redhat.com/errata/RHSA-2024:9088
reference_id RHSA-2024:9088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9088
25
reference_url https://usn.ubuntu.com/6622-1/
reference_id USN-6622-1
reference_type
scores
url https://usn.ubuntu.com/6622-1/
26
reference_url https://usn.ubuntu.com/6632-1/
reference_id USN-6632-1
reference_type
scores
url https://usn.ubuntu.com/6632-1/
27
reference_url https://usn.ubuntu.com/6709-1/
reference_id USN-6709-1
reference_type
scores
url https://usn.ubuntu.com/6709-1/
28
reference_url https://usn.ubuntu.com/7018-1/
reference_id USN-7018-1
reference_type
scores
url https://usn.ubuntu.com/7018-1/
29
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:pypi/cryptography@42.0.2
purl pkg:pypi/cryptography@42.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1fsa-y66v-nfcn
2
vulnerability VCID-nrz6-3fxy-6uen
3
vulnerability VCID-r7nw-s3b2-1ffh
4
vulnerability VCID-zxsw-as6f-cbhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@42.0.2
aliases CVE-2024-0727, GHSA-9v9h-cgj8-h64p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1q8r-54xd-9kgq
1
url VCID-361f-xedm-8uf8
vulnerability_id VCID-361f-xedm-8uf8
summary HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9243.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9243.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9243
reference_id
reference_type
scores
0
value 0.0165
scoring_system epss
scoring_elements 0.82482
published_at 2026-06-12T12:55:00Z
1
value 0.0165
scoring_system epss
scoring_elements 0.82487
published_at 2026-06-14T12:55:00Z
2
value 0.0165
scoring_system epss
scoring_elements 0.82491
published_at 2026-06-13T12:55:00Z
3
value 0.0165
scoring_system epss
scoring_elements 0.8242
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9243
2
reference_url https://cryptography.io/en/latest/changelog
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://cryptography.io/en/latest/changelog
3
reference_url https://cryptography.io/en/latest/changelog/#v1-5-3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://cryptography.io/en/latest/changelog/#v1-5-3
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243
5
reference_url https://github.com/advisories/GHSA-q3cj-2r34-2cwc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-q3cj-2r34-2cwc
6
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
7
reference_url https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874
8
reference_url https://github.com/pyca/cryptography/issues/3211
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/issues/3211
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2017-8.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2017-8.yaml
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9243
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9243
20
reference_url http://www.openwall.com/lists/oss-security/2016/11/09/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/11/09/2
21
reference_url http://www.securityfocus.com/bid/94216
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94216
22
reference_url http://www.ubuntu.com/usn/USN-3138-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3138-1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1393431
reference_id 1393431
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1393431
24
reference_url https://usn.ubuntu.com/3138-1/
reference_id USN-3138-1
reference_type
scores
url https://usn.ubuntu.com/3138-1/
fixed_packages
0
url pkg:pypi/cryptography@1.5.3
purl pkg:pypi/cryptography@1.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1q8r-54xd-9kgq
1
vulnerability VCID-3bkk-xmkv-gfe7
2
vulnerability VCID-6pw5-g8v8-t7hg
3
vulnerability VCID-8xnp-e1zg-2khp
4
vulnerability VCID-depm-jqfg-3kfg
5
vulnerability VCID-mdxb-6a33-kyfr
6
vulnerability VCID-nrz6-3fxy-6uen
7
vulnerability VCID-r7nw-s3b2-1ffh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.3
aliases CVE-2016-9243, GHSA-q3cj-2r34-2cwc, PYSEC-2017-8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-361f-xedm-8uf8
2
url VCID-3bkk-xmkv-gfe7
vulnerability_id VCID-3bkk-xmkv-gfe7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json
1
reference_url https://access.redhat.com/security/cve/cve-2023-0286
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2023-0286
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0286
reference_id
reference_type
scores
0
value 0.86858
scoring_system epss
scoring_elements 0.99452
published_at 2026-06-14T12:55:00Z
1
value 0.88334
scoring_system epss
scoring_elements 0.99516
published_at 2026-06-11T12:55:00Z
2
value 0.88334
scoring_system epss
scoring_elements 0.99519
published_at 2026-06-13T12:55:00Z
3
value 0.88334
scoring_system epss
scoring_elements 0.99518
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0286
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
10
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0286
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0286
12
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
13
reference_url https://rustsec.org/advisories/RUSTSEC-2023-0006.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2023-0006.html
14
reference_url https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
reference_id 018_x509.patch.sig
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
15
reference_url https://www.openssl.org/news/secadv/20230207.txt
reference_id 20230207.txt
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://www.openssl.org/news/secadv/20230207.txt
16
reference_url https://security.gentoo.org/glsa/202402-08
reference_id 202402-08
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://security.gentoo.org/glsa/202402-08
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164440
reference_id 2164440
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164440
18
reference_url https://github.com/advisories/GHSA-x4qr-2fvf-3mr5
reference_id GHSA-x4qr-2fvf-3mr5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4qr-2fvf-3mr5
19
reference_url https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
reference_id libressl-3.6.2-relnotes.txt
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
20
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
reference_id ?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
21
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658
reference_id ?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658
22
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d
reference_id ?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d
23
reference_url https://access.redhat.com/errata/RHSA-2023:0946
reference_id RHSA-2023:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0946
24
reference_url https://access.redhat.com/errata/RHSA-2023:1199
reference_id RHSA-2023:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1199
25
reference_url https://access.redhat.com/errata/RHSA-2023:1335
reference_id RHSA-2023:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1335
26
reference_url https://access.redhat.com/errata/RHSA-2023:1405
reference_id RHSA-2023:1405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1405
27
reference_url https://access.redhat.com/errata/RHSA-2023:1437
reference_id RHSA-2023:1437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1437
28
reference_url https://access.redhat.com/errata/RHSA-2023:1438
reference_id RHSA-2023:1438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1438
29
reference_url https://access.redhat.com/errata/RHSA-2023:1439
reference_id RHSA-2023:1439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1439
30
reference_url https://access.redhat.com/errata/RHSA-2023:1440
reference_id RHSA-2023:1440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1440
31
reference_url https://access.redhat.com/errata/RHSA-2023:1441
reference_id RHSA-2023:1441
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1441
32
reference_url https://access.redhat.com/errata/RHSA-2023:2022
reference_id RHSA-2023:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2022
33
reference_url https://access.redhat.com/errata/RHSA-2023:2165
reference_id RHSA-2023:2165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2165
34
reference_url https://access.redhat.com/errata/RHSA-2023:2932
reference_id RHSA-2023:2932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2932
35
reference_url https://access.redhat.com/errata/RHSA-2023:3354
reference_id RHSA-2023:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3354
36
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
37
reference_url https://access.redhat.com/errata/RHSA-2023:3420
reference_id RHSA-2023:3420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3420
38
reference_url https://access.redhat.com/errata/RHSA-2023:3421
reference_id RHSA-2023:3421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3421
39
reference_url https://access.redhat.com/errata/RHSA-2023:4124
reference_id RHSA-2023:4124
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4124
40
reference_url https://access.redhat.com/errata/RHSA-2023:4128
reference_id RHSA-2023:4128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4128
41
reference_url https://access.redhat.com/errata/RHSA-2023:4252
reference_id RHSA-2023:4252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4252
42
reference_url https://access.redhat.com/errata/RHSA-2023:5209
reference_id RHSA-2023:5209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5209
43
reference_url https://access.redhat.com/errata/RHSA-2024:5136
reference_id RHSA-2024:5136
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5136
44
reference_url https://access.redhat.com/errata/RHSA-2024:6095
reference_id RHSA-2024:6095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6095
45
reference_url https://access.redhat.com/errata/RHSA-2025:7733
reference_id RHSA-2025:7733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7733
46
reference_url https://access.redhat.com/errata/RHSA-2025:7895
reference_id RHSA-2025:7895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7895
47
reference_url https://access.redhat.com/errata/RHSA-2025:7937
reference_id RHSA-2025:7937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7937
48
reference_url https://usn.ubuntu.com/5844-1/
reference_id USN-5844-1
reference_type
scores
url https://usn.ubuntu.com/5844-1/
49
reference_url https://usn.ubuntu.com/5845-1/
reference_id USN-5845-1
reference_type
scores
url https://usn.ubuntu.com/5845-1/
50
reference_url https://usn.ubuntu.com/5845-2/
reference_id USN-5845-2
reference_type
scores
url https://usn.ubuntu.com/5845-2/
51
reference_url https://usn.ubuntu.com/6564-1/
reference_id USN-6564-1
reference_type
scores
url https://usn.ubuntu.com/6564-1/
52
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:pypi/cryptography@39.0.1
purl pkg:pypi/cryptography@39.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1866-qzmz-c7cu
2
vulnerability VCID-1q8r-54xd-9kgq
3
vulnerability VCID-8xnp-e1zg-2khp
4
vulnerability VCID-depm-jqfg-3kfg
5
vulnerability VCID-mdxb-6a33-kyfr
6
vulnerability VCID-nrz6-3fxy-6uen
7
vulnerability VCID-qpnp-4tye-27gu
8
vulnerability VCID-r7nw-s3b2-1ffh
9
vulnerability VCID-zxsw-as6f-cbhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@39.0.1
aliases CVE-2023-0286, GHSA-x4qr-2fvf-3mr5
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bkk-xmkv-gfe7
3
url VCID-6pw5-g8v8-t7hg
vulnerability_id VCID-6pw5-g8v8-t7hg
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25659
reference_id
reference_type
scores
0
value 0.0076
scoring_system epss
scoring_elements 0.73882
published_at 2026-06-14T12:55:00Z
1
value 0.0076
scoring_system epss
scoring_elements 0.73883
published_at 2026-06-13T12:55:00Z
2
value 0.0076
scoring_system epss
scoring_elements 0.73868
published_at 2026-06-12T12:55:00Z
3
value 0.0076
scoring_system epss
scoring_elements 0.73794
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25659
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
5
reference_url https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494
6
reference_url https://github.com/pyca/cryptography/pull/5507
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/pull/5507
7
reference_url https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b
reference_id
reference_type
scores
url https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml
9
reference_url https://pypi.org/project/cryptography
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/cryptography
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1889988
reference_id 1889988
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1889988
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247
reference_id 973247
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25659
reference_id CVE-2020-25659
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25659
13
reference_url https://github.com/advisories/GHSA-hggm-jpg3-v476
reference_id GHSA-hggm-jpg3-v476
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hggm-jpg3-v476
14
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
reference_id GHSA-hggm-jpg3-v476
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
15
reference_url https://access.redhat.com/errata/RHSA-2021:1608
reference_id RHSA-2021:1608
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1608
16
reference_url https://access.redhat.com/errata/RHSA-2021:2239
reference_id RHSA-2021:2239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2239
17
reference_url https://usn.ubuntu.com/4613-1/
reference_id USN-4613-1
reference_type
scores
url https://usn.ubuntu.com/4613-1/
fixed_packages
0
url pkg:pypi/cryptography@3.2
purl pkg:pypi/cryptography@3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1866-qzmz-c7cu
2
vulnerability VCID-1q8r-54xd-9kgq
3
vulnerability VCID-3bkk-xmkv-gfe7
4
vulnerability VCID-6pw5-g8v8-t7hg
5
vulnerability VCID-8xnp-e1zg-2khp
6
vulnerability VCID-9vdx-zu46-nydb
7
vulnerability VCID-depm-jqfg-3kfg
8
vulnerability VCID-mdxb-6a33-kyfr
9
vulnerability VCID-nrz6-3fxy-6uen
10
vulnerability VCID-qpnp-4tye-27gu
11
vulnerability VCID-r7nw-s3b2-1ffh
12
vulnerability VCID-v339-bjun-z3d3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@3.2
1
url pkg:pypi/cryptography@3.2.1
purl pkg:pypi/cryptography@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1866-qzmz-c7cu
1
vulnerability VCID-1q8r-54xd-9kgq
2
vulnerability VCID-3bkk-xmkv-gfe7
3
vulnerability VCID-8xnp-e1zg-2khp
4
vulnerability VCID-9vdx-zu46-nydb
5
vulnerability VCID-depm-jqfg-3kfg
6
vulnerability VCID-mdxb-6a33-kyfr
7
vulnerability VCID-nrz6-3fxy-6uen
8
vulnerability VCID-qpnp-4tye-27gu
9
vulnerability VCID-r7nw-s3b2-1ffh
10
vulnerability VCID-v339-bjun-z3d3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@3.2.1
aliases CVE-2020-25659, GHSA-hggm-jpg3-v476, PYSEC-2021-62
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pw5-g8v8-t7hg
4
url VCID-8xnp-e1zg-2khp
vulnerability_id VCID-8xnp-e1zg-2khp
summary 
pyca/cryptography's wheels include vulnerable OpenSSL
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8-41.0.2 are vulnerable to several security issues. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20230731.txt, https://www.openssl.org/news/secadv/20230719.txt, and https://www.openssl.org/news/secadv/20230714.txt.

If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
references
0
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
1
reference_url https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
2
reference_url https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
3
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-jm77-qphf-c4w8
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-jm77-qphf-c4w8
4
reference_url https://github.com/advisories/GHSA-jm77-qphf-c4w8
reference_id GHSA-jm77-qphf-c4w8
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jm77-qphf-c4w8
fixed_packages
0
url pkg:pypi/cryptography@41.0.3
purl pkg:pypi/cryptography@41.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1866-qzmz-c7cu
2
vulnerability VCID-1q8r-54xd-9kgq
3
vulnerability VCID-depm-jqfg-3kfg
4
vulnerability VCID-nrz6-3fxy-6uen
5
vulnerability VCID-qpnp-4tye-27gu
6
vulnerability VCID-r7nw-s3b2-1ffh
7
vulnerability VCID-zxsw-as6f-cbhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@41.0.3
aliases GHSA-jm77-qphf-c4w8, GMS-2023-1898
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xnp-e1zg-2khp
5
url VCID-depm-jqfg-3kfg
vulnerability_id VCID-depm-jqfg-3kfg
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50782.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50782.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50782
reference_id
reference_type
scores
0
value 0.00855
scoring_system epss
scoring_elements 0.75474
published_at 2026-06-14T12:55:00Z
1
value 0.00855
scoring_system epss
scoring_elements 0.75394
published_at 2026-06-11T12:55:00Z
2
value 0.00855
scoring_system epss
scoring_elements 0.75479
published_at 2026-06-13T12:55:00Z
3
value 0.00855
scoring_system epss
scoring_elements 0.75465
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50782
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50782
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
5
reference_url https://github.com/pyca/cryptography/issues/9785
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/issues/9785
6
reference_url https://www.couchbase.com/alerts
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.couchbase.com/alerts
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059308
reference_id 1059308
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059308
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
reference_id cpe:/a:redhat:ansible_automation_platform:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:4::el8
reference_id cpe:/a:redhat:rhui:4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:4::el8
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
reference_id cpe:/a:redhat:satellite:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
14
reference_url https://access.redhat.com/security/cve/CVE-2023-50782
reference_id CVE-2023-50782
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T16:14:33Z/
url https://access.redhat.com/security/cve/CVE-2023-50782
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-50782
reference_id CVE-2023-50782
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-50782
16
reference_url https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
reference_id GHSA-3ww4-gg4f-jr7f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254432
reference_id show_bug.cgi?id=2254432
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T16:14:33Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2254432
18
reference_url https://usn.ubuntu.com/6673-1/
reference_id USN-6673-1
reference_type
scores
url https://usn.ubuntu.com/6673-1/
19
reference_url https://usn.ubuntu.com/6673-2/
reference_id USN-6673-2
reference_type
scores
url https://usn.ubuntu.com/6673-2/
fixed_packages
0
url pkg:pypi/cryptography@42.0.0
purl pkg:pypi/cryptography@42.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1fsa-y66v-nfcn
2
vulnerability VCID-1q8r-54xd-9kgq
3
vulnerability VCID-nrz6-3fxy-6uen
4
vulnerability VCID-r7nw-s3b2-1ffh
5
vulnerability VCID-zxsw-as6f-cbhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@42.0.0
aliases CVE-2023-50782, GHSA-3ww4-gg4f-jr7f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-depm-jqfg-3kfg
6
url VCID-mdxb-6a33-kyfr
vulnerability_id VCID-mdxb-6a33-kyfr
summary 
Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.5-40.0.2 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://www.openssl.org/news/secadv/20230530.txt.

If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
references
0
reference_url https://cryptography.io/en/latest/changelog/#v41-0-0
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://cryptography.io/en/latest/changelog/#v41-0-0
1
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
2
reference_url https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22
3
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-5cpq-8wj7-hf2v
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-5cpq-8wj7-hf2v
4
reference_url https://github.com/advisories/GHSA-5cpq-8wj7-hf2v
reference_id GHSA-5cpq-8wj7-hf2v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cpq-8wj7-hf2v
fixed_packages
0
url pkg:pypi/cryptography@41.0.0
purl pkg:pypi/cryptography@41.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17bx-vqxs-tfhj
1
vulnerability VCID-1866-qzmz-c7cu
2
vulnerability VCID-1q8r-54xd-9kgq
3
vulnerability VCID-2j5b-f6w5-3bft
4
vulnerability VCID-8xnp-e1zg-2khp
5
vulnerability VCID-depm-jqfg-3kfg
6
vulnerability VCID-nrz6-3fxy-6uen
7
vulnerability VCID-qpnp-4tye-27gu
8
vulnerability VCID-r7nw-s3b2-1ffh
9
vulnerability VCID-zxsw-as6f-cbhk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@41.0.0
aliases GHSA-5cpq-8wj7-hf2v, GMS-2023-1778
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdxb-6a33-kyfr
7
url VCID-nrz6-3fxy-6uen
vulnerability_id VCID-nrz6-3fxy-6uen
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34073.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34073.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34073
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01123
published_at 2026-06-14T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.0112
published_at 2026-06-13T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01114
published_at 2026-06-12T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01115
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34073
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34073
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2026-35.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2026-35.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34073
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34073
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2453276
reference_id 2453276
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2453276
8
reference_url https://github.com/advisories/GHSA-m959-cc7f-wv43
reference_id GHSA-m959-cc7f-wv43
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m959-cc7f-wv43
9
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43
reference_id GHSA-m959-cc7f-wv43
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:50:17Z/
url https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43
10
reference_url https://access.redhat.com/errata/RHSA-2026:7295
reference_id RHSA-2026:7295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7295
fixed_packages
0
url pkg:pypi/cryptography@46.0.6
purl pkg:pypi/cryptography@46.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16k8-qnne-r7fj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@46.0.6
aliases CVE-2026-34073, GHSA-m959-cc7f-wv43, PYSEC-2026-35
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrz6-3fxy-6uen
8
url VCID-r7nw-s3b2-1ffh
vulnerability_id VCID-r7nw-s3b2-1ffh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26007.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26007
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01401
published_at 2026-06-14T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01395
published_at 2026-06-13T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01386
published_at 2026-06-12T12:55:00Z
3
value 9e-05
scoring_system epss
scoring_elements 0.00969
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26007
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26007
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26007
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
5
reference_url https://github.com/pyca/cryptography/releases/tag/46.0.5
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/releases/tag/46.0.5
6
reference_url http://www.openwall.com/lists/oss-security/2026/02/10/4
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/02/10/4
7
reference_url https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
reference_id 0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:28:38Z/
url https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127926
reference_id 1127926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127926
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2438762
reference_id 2438762
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2438762
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26007
reference_id CVE-2026-26007
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26007
11
reference_url https://github.com/advisories/GHSA-r6ph-v2qm-q3c2
reference_id GHSA-r6ph-v2qm-q3c2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6ph-v2qm-q3c2
12
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2
reference_id GHSA-r6ph-v2qm-q3c2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:28:38Z/
url https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2
13
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
14
reference_url https://access.redhat.com/errata/RHSA-2026:12176
reference_id RHSA-2026:12176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12176
15
reference_url https://access.redhat.com/errata/RHSA-2026:13512
reference_id RHSA-2026:13512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13512
16
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
17
reference_url https://access.redhat.com/errata/RHSA-2026:13553
reference_id RHSA-2026:13553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13553
18
reference_url https://access.redhat.com/errata/RHSA-2026:13672
reference_id RHSA-2026:13672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13672
19
reference_url https://access.redhat.com/errata/RHSA-2026:19355
reference_id RHSA-2026:19355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19355
20
reference_url https://access.redhat.com/errata/RHSA-2026:21431
reference_id RHSA-2026:21431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21431
21
reference_url https://access.redhat.com/errata/RHSA-2026:21517
reference_id RHSA-2026:21517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21517
22
reference_url https://access.redhat.com/errata/RHSA-2026:22330
reference_id RHSA-2026:22330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22330
23
reference_url https://access.redhat.com/errata/RHSA-2026:22993
reference_id RHSA-2026:22993
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22993
24
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
25
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
26
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
27
reference_url https://access.redhat.com/errata/RHSA-2026:6308
reference_id RHSA-2026:6308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6308
28
reference_url https://access.redhat.com/errata/RHSA-2026:6309
reference_id RHSA-2026:6309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6309
29
reference_url https://access.redhat.com/errata/RHSA-2026:6404
reference_id RHSA-2026:6404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6404
30
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
31
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
32
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
33
reference_url https://access.redhat.com/errata/RHSA-2026:7295
reference_id RHSA-2026:7295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7295
34
reference_url https://usn.ubuntu.com/8087-1/
reference_id USN-8087-1
reference_type
scores
url https://usn.ubuntu.com/8087-1/
35
reference_url https://usn.ubuntu.com/8087-3/
reference_id USN-8087-3
reference_type
scores
url https://usn.ubuntu.com/8087-3/
fixed_packages
0
url pkg:pypi/cryptography@46.0.5
purl pkg:pypi/cryptography@46.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16k8-qnne-r7fj
1
vulnerability VCID-nrz6-3fxy-6uen
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@46.0.5
aliases CVE-2026-26007, GHSA-r6ph-v2qm-q3c2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7nw-s3b2-1ffh
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.2