VulnerableCode Package Details - pkg:pypi/cryptography@42.0.3

Search for packages

Vulnerability	Summary	Fixed by
VCID-fa2w-8q46-1fcb Aliases: GHSA-h4gh-qq45-vh27	pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels	43.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wmwm-snjw-aaam Aliases: CGA-f4qg-9fw4-8247 CVE-2024-26130 GHSA-6vqw-3v5j-54x4 PYSEC-2024-225	cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.	42.0.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ypp8-vqu8-f7en Aliases: CVE-2024-12797 GHSA-79v4-65xg-pq4g	openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected	44.0.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-fa2w-8q46-1fcb
Aliases:
GHSA-h4gh-qq45-vh27

pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels

43.0.1
Affected by 1 other vulnerability.

VCID-wmwm-snjw-aaam
Aliases:
CGA-f4qg-9fw4-8247
CVE-2024-26130
GHSA-6vqw-3v5j-54x4
PYSEC-2024-225

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.

42.0.4
Affected by 2 other vulnerabilities.

VCID-ypp8-vqu8-f7en
Aliases:
CVE-2024-12797
GHSA-79v4-65xg-pq4g

openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

44.0.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T17:16:28.192863+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.3
2025-06-20T17:07:22.202997+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.3
2025-06-20T16:53:40.897786+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.3
2025-06-03T23:51:41.780437+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.0
2025-06-03T23:43:28.358184+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.0
2025-06-03T23:30:46.150051+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.0
2025-06-02T23:50:30.441017+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.1.2
2025-06-02T23:41:47.786364+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.1.2
2025-06-02T23:28:33.451752+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.1.2
2025-04-03T22:41:32.914404+00:00	GitLab Importer	Affected by	VCID-ypp8-vqu8-f7en	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-12797.yml	36.0.0
2025-04-03T22:22:28.717128+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	36.0.0
2025-04-03T21:56:52.643547+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	36.0.0
2025-03-28T22:57:42.642301+00:00	PyPI Importer	Affected by	VCID-wmwm-snjw-aaam	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	36.0.0
2025-03-28T15:58:50.322567+00:00	Pypa Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/pypa/advisory-database/blob/main/vulns/cryptography/PYSEC-2024-225.yaml	36.0.0
2025-02-18T05:19:00.849451+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	35.1.0
2025-02-18T01:11:50.164109+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	35.1.0
2024-11-21T01:54:45.223260+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	35.0.0
2024-11-20T23:34:10.054138+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	35.0.0
2024-11-19T01:44:53.448015+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.3.2
2024-11-18T23:23:05.836787+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.3.2
2024-10-08T02:11:06.076657+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.2
2024-10-08T00:19:52.667190+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.0.2
2024-10-07T22:06:48.564892+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.2
2024-10-07T16:15:43.763975+00:00	GHSA Importer	Affected by	VCID-fa2w-8q46-1fcb	https://github.com/advisories/GHSA-h4gh-qq45-vh27	34.0.2
2024-10-07T01:49:15.922123+00:00	GitLab Importer	Affected by	VCID-fa2w-8q46-1fcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/GHSA-h4gh-qq45-vh27.yml	34.0.1
2024-09-23T02:10:04.345621+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.1
2024-09-22T22:34:03.351245+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.1
2024-09-22T16:40:12.959476+00:00	GHSA Importer	Affected by	VCID-fa2w-8q46-1fcb	https://github.com/advisories/GHSA-h4gh-qq45-vh27	34.0.1
2024-05-17T21:16:29.541432+00:00	GHSA Importer	Affected by	VCID-wmwm-snjw-aaam	https://github.com/advisories/GHSA-6vqw-3v5j-54x4	34.0.0rc4
2024-04-24T04:39:16.567237+00:00	GitLab Importer	Affected by	VCID-wmwm-snjw-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/cryptography/CVE-2024-26130.yml	34.0.0rc4