Gentoo Linux Security Advisory 202407-6 - Multiple vulnerabilities have been discovered in cryptography, the worst of which could lead to a denial of service. Versions greater than or equal to 42.0.4 are affected.
f8620483b3b729d77ad368cacfffca0d4fba7017da142ea0d7b075a566f1f717
Red Hat Security Advisory 2024-3105-03 - An update for python3.11-cryptography is now available for Red Hat Enterprise Linux 8.
2bb139338ec03ce728b8186f85a29463b69c49b75e9d462bf419d7516668e7e2
Red Hat Security Advisory 2024-2337-03 - An update for python3.11-cryptography is now available for Red Hat Enterprise Linux 9.
2920880c09e024aee0c8f5ca51d3a76f8e8d66292750f89ed79c72433027b1b0
Ubuntu Security Notice 6539-1 - It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that python-cryptography incorrectly handled loading certain PKCS7 certificates. A remote attacker could possibly use this issue to cause python-cryptography to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.
3a7b36d4d9cee2aab775270dde0bdeef3e2be1bced5dae6841e343a63c5c734e