VYPR

apk package

wolfi/py3-cryptography

pkg:apk/wolfi/py3-cryptography

Vulnerabilities (2)

  • CVE-2024-12797MedFeb 11, 2025
    affected < 44.0.1-r0fixed 44.0.1-r0

    Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections u

  • CVE-2024-26130Feb 21, 2024
    affected < 42.0.4-r0fixed 42.0.4-r0

    cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided