cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
Metrics
Affected Vendors & Products
References
History
Fri, 11 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat satellite
Redhat satellite Capsule |
|
CPEs | cpe:/a:redhat:satellite:6.15::el8 cpe:/a:redhat:satellite_capsule:6.15::el8 |
|
Vendors & Products |
Redhat satellite
Redhat satellite Capsule |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-02-21T16:28:18.632Z
Updated: 2024-08-14T20:01:52.628Z
Reserved: 2024-02-14T17:40:03.687Z
Link: CVE-2024-26130
Vulnrichment
Updated: 2024-08-01T23:59:32.542Z
NVD
Status : Awaiting Analysis
Published: 2024-02-21T17:15:09.863
Modified: 2024-11-21T09:01:59.757
Link: CVE-2024-26130
Redhat