First published: Wed Dec 13 2023(Updated: )
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/cryptography | <42.0.0 | 42.0.0 |
pip/cryptography | <42.0.0 | 42.0.0 |
Redhat Ansible Automation Platform | =2.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
Redhat Update Infrastructure | =4 | |
Cryptography.io Cryptography Python | <42.0.0 | |
Couchbase Couchbase Server | =7.6.0 | |
Couchbase Couchbase Server | =7.6.1 | |
debian/python-cryptography | <=3.3.2-1<=3.3.2-1+deb11u1<=38.0.4-3+deb12u1<=38.0.4-3~deb12u1 | 43.0.0-1 |
IBM Cognos Analytics | <=12.0.0-12.0.3 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.