VulnerableCode Package Details - pkg:pypi/cryptography@42.0.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-fa2w-8q46-1fcb Aliases: GHSA-h4gh-qq45-vh27	pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels	43.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wmwm-snjw-aaam Aliases: CGA-f4qg-9fw4-8247 CVE-2024-26130 GHSA-6vqw-3v5j-54x4 PYSEC-2024-225	cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.	42.0.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ypp8-vqu8-f7en Aliases: CVE-2024-12797 GHSA-79v4-65xg-pq4g	openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected	44.0.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-fa2w-8q46-1fcb
Aliases:
GHSA-h4gh-qq45-vh27

pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels

43.0.1
Affected by 1 other vulnerability.

VCID-wmwm-snjw-aaam
Aliases:
CGA-f4qg-9fw4-8247
CVE-2024-26130
GHSA-6vqw-3v5j-54x4
PYSEC-2024-225

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.

42.0.4
Affected by 2 other vulnerabilities.

VCID-ypp8-vqu8-f7en
Aliases:
CVE-2024-12797
GHSA-79v4-65xg-pq4g

openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

44.0.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-jm31-c3d3-aaap	openssl: denial of service via null dereference	CVE-2024-0727 GHSA-9v9h-cgj8-h64p

Vulnerability

Summary

Aliases

VCID-jm31-c3d3-aaap

openssl: denial of service via null dereference

CVE-2024-0727
GHSA-9v9h-cgj8-h64p

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T17:16:28.191008+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.3
2025-06-20T17:07:22.201182+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.3
2025-06-20T16:53:40.895715+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.3
2025-06-03T23:51:41.778885+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.0
2025-06-03T23:43:28.356475+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.0
2025-06-03T23:30:46.148588+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.0
2025-06-02T23:50:30.439169+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.2
2025-06-02T23:41:47.784819+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.2
2025-06-02T23:28:33.450109+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.2
2025-04-03T22:41:32.908790+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.0.0
2025-04-03T22:22:28.712146+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.0.0
2025-04-03T21:56:52.638567+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.0.0
2025-03-28T22:57:42.637044+00:00	PyPI Importer	Affected by	VCID-wmwm-snjw-aaam	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	36.0.0
2025-03-28T15:58:50.317319+00:00	Pypa Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/pypa/advisory-database/blob/main/vulns/cryptography/PYSEC-2024-225.yaml	36.0.0
2025-02-18T05:19:00.844602+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	35.1.0
2025-02-18T01:11:50.158985+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	35.1.0
2024-11-21T01:54:45.218250+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	35.0.0
2024-11-20T23:34:10.049799+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	35.0.0
2024-11-19T01:44:53.442979+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.3.2
2024-11-18T23:23:05.831769+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.3.2
2024-10-15T10:21:16.691238+00:00	GithubOSV Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-9v9h-cgj8-h64p/GHSA-9v9h-cgj8-h64p.json	34.0.2
2024-10-15T00:59:20.470136+00:00	GHSA Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/advisories/GHSA-9v9h-cgj8-h64p	34.0.2
2024-10-08T02:11:06.071784+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.2
2024-10-08T00:19:52.662121+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.0.2
2024-10-07T22:06:48.560437+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.2
2024-10-07T16:15:43.759048+00:00	GHSA Importer	Affected by	VCID-fa2w-8q46-1fcb	https://github.com/advisories/GHSA-h4gh-qq45-vh27	34.0.2
2024-10-07T01:49:15.917434+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.0.1
2024-09-23T02:10:04.340855+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.1
2024-09-22T22:34:03.346280+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.1
2024-09-22T16:40:12.954053+00:00	GHSA Importer	Affected by	VCID-fa2w-8q46-1fcb	https://github.com/advisories/GHSA-h4gh-qq45-vh27	34.0.1
2024-09-18T09:21:13.874225+00:00	GithubOSV Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-9v9h-cgj8-h64p/GHSA-9v9h-cgj8-h64p.json	34.0.1
2024-09-17T22:27:13.827487+00:00	GitLab Importer	Fixing	VCID-jm31-c3d3-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-0727.yml	34.0.1
2024-09-17T22:13:20.166596+00:00	GHSA Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/advisories/GHSA-9v9h-cgj8-h64p	34.0.1
2024-05-17T21:16:29.536747+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.0rc4
2024-04-24T04:39:16.561071+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.0rc4
2024-04-23T23:13:37.612063+00:00	GithubOSV Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-9v9h-cgj8-h64p/GHSA-9v9h-cgj8-h64p.json	34.0.0rc4
2024-04-23T17:43:03.895509+00:00	GitLab Importer	Fixing	VCID-jm31-c3d3-aaap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-0727.yml	34.0.0rc4
2024-04-23T17:41:25.704325+00:00	GHSA Importer	Fixing	VCID-jm31-c3d3-aaap	https://github.com/advisories/GHSA-9v9h-cgj8-h64p	34.0.0rc4