pkg:Alpine/py3-cryptography

7 total CVEsCRITICAL2HIGH1MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-39892Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs
    from 0, < 46.0.7-r0
  • CRITICAL9.1CVE-2020-36242PyCA Cryptography symmetrically encrypting large values can lead to integer overflow
    from 0, < 3.3.2-r0
  • HIGH7.5CVE-2023-38325cryptography mishandles SSH certificates
    from 0, < 41.0.2-r0
  • MEDIUM6.5CVE-2026-26007cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
    from 0, < 46.0.5-r0
  • MEDIUM6.5CVE-2023-23931Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf
    from 0, < 39.0.1-r0
  • MEDIUM5.9CVE-2020-25659RSA decryption vulnerable to Bleichenbacher timing vulnerability
    from 0, < 3.2.1-r0
  • MEDIUM5.3CVE-2026-34073cryptography has incomplete DNS name constraint enforcement on peer names
    from 0, < 46.0.7-r0