First published: Wed Dec 13 2023(Updated: )
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Ansible Automation Platform | =2.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
Redhat Update Infrastructure | =4 | |
Python-cryptography Project Python-cryptography | <42.0.0 | |
pip/cryptography | <42.0.0 | 42.0.0 |
redhat/cryptography | <42.0.0 | 42.0.0 |
ubuntu/python-cryptography | <2.1.4-1ubuntu1.4+ | 2.1.4-1ubuntu1.4+ |
ubuntu/python-cryptography | <42.0.0 | 42.0.0 |
ubuntu/python-cryptography | <2.8-3ubuntu0.3 | 2.8-3ubuntu0.3 |
ubuntu/python-cryptography | <3.4.8-1ubuntu2.2 | 3.4.8-1ubuntu2.2 |
ubuntu/python-cryptography | <38.0.4-4ubuntu0.23.10.2 | 38.0.4-4ubuntu0.23.10.2 |
ubuntu/python-cryptography | <1.2.3-1ubuntu0.3+ | 1.2.3-1ubuntu0.3+ |
debian/python-cryptography | <=2.6.1-3+deb10u2<=2.6.1-3+deb10u4<=3.3.2-1<=38.0.4-3<=38.0.4-3~deb12u1<=41.0.7-4<=42.0.5-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.