Vulnerabilites related to pyca - cryptography
cve-2024-26130
Vulnerability from cvelistv5
Published
2024-02-21 16:28
Modified
2024-08-14 20:01
Severity ?
EPSS score ?
Summary
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4 | x_refsource_CONFIRM | |
| https://github.com/pyca/cryptography/pull/10423 | x_refsource_MISC | |
| https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pyca | cryptography |
Version: >= 38.0.0, < 42.0.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T23:59:32.542Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", }, { name: "https://github.com/pyca/cryptography/pull/10423", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pyca/cryptography/pull/10423", }, { name: "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*", ], defaultStatus: "unknown", product: "cryptography", vendor: "cryptography_project", versions: [ { lessThan: "42.04", status: "affected", version: "38.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-26130", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T19:56:07.150963Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-14T20:01:52.628Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "cryptography", vendor: "pyca", versions: [ { status: "affected", version: ">= 38.0.0, < 42.0.4", }, ], }, ], descriptions: [ { lang: "en", value: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-21T16:28:18.632Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", }, { name: "https://github.com/pyca/cryptography/pull/10423", tags: [ "x_refsource_MISC", ], url: "https://github.com/pyca/cryptography/pull/10423", }, { name: "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", tags: [ "x_refsource_MISC", ], url: "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", }, ], source: { advisory: "GHSA-6vqw-3v5j-54x4", discovery: "UNKNOWN", }, title: "cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-26130", datePublished: "2024-02-21T16:28:18.632Z", dateReserved: "2024-02-14T17:40:03.687Z", dateUpdated: "2024-08-14T20:01:52.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-49083
Vulnerability from cvelistv5
Published
2023-11-29 18:50
Modified
2025-02-13 17:18
Severity ?
EPSS score ?
Summary
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pyca | cryptography |
Version: >= 3.1, < 41.0.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:46:29.207Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97", }, { name: "https://github.com/pyca/cryptography/pull/9926", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pyca/cryptography/pull/9926", }, { name: "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMNTYMUGFJSDBYBU22FUYBHFRZODRKXV/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "cryptography", vendor: "pyca", versions: [ { status: "affected", version: ">= 3.1, < 41.0.6", }, ], }, ], descriptions: [ { lang: "en", value: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-17T02:06:11.686Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97", }, { name: "https://github.com/pyca/cryptography/pull/9926", tags: [ "x_refsource_MISC", ], url: "https://github.com/pyca/cryptography/pull/9926", }, { name: "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a", tags: [ "x_refsource_MISC", ], url: "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMNTYMUGFJSDBYBU22FUYBHFRZODRKXV/", }, ], source: { advisory: "GHSA-jfhm-5ghh-2f97", discovery: "UNKNOWN", }, title: "cryptography vulnerable to NULL-dereference when loading PKCS7 certificates", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-49083", datePublished: "2023-11-29T18:50:24.263Z", dateReserved: "2023-11-21T18:57:30.428Z", dateUpdated: "2025-02-13T17:18:29.993Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23931
Vulnerability from cvelistv5
Published
2023-02-07 20:54
Modified
2025-03-10 21:15
Severity ?
EPSS score ?
Summary
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r | x_refsource_CONFIRM | |
| https://github.com/pyca/cryptography/pull/8230/commits/94a50a9731f35405f0357fa5f3b177d46a726ab3 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pyca | cryptography |
Version: >=1.8, < 39.0.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:42:27.102Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230324-0007/", }, { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r", }, { name: "https://github.com/pyca/cryptography/pull/8230/commits/94a50a9731f35405f0357fa5f3b177d46a726ab3", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pyca/cryptography/pull/8230/commits/94a50a9731f35405f0357fa5f3b177d46a726ab3", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23931", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-10T21:01:11.762140Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-10T21:15:21.787Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "cryptography", vendor: "pyca", versions: [ { status: "affected", version: ">=1.8, < 39.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-754", description: "CWE-754: Improper Check for Unusual or Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-07T20:54:03.628Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r", }, { name: "https://github.com/pyca/cryptography/pull/8230/commits/94a50a9731f35405f0357fa5f3b177d46a726ab3", tags: [ "x_refsource_MISC", ], url: "https://github.com/pyca/cryptography/pull/8230/commits/94a50a9731f35405f0357fa5f3b177d46a726ab3", }, ], source: { advisory: "GHSA-w7pp-m8wf-vj6r", discovery: "UNKNOWN", }, title: "Cipher.update_into can corrupt memory in pyca cryptography", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-23931", datePublished: "2023-02-07T20:54:03.628Z", dateReserved: "2023-01-19T21:12:31.360Z", dateUpdated: "2025-03-10T21:15:21.787Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }