Alpine/py3-cryptography — 7 CVEs

CRITICAL9.8CVE-2026-39892Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs

from 0, < 46.0.7-r0

CRITICAL9.1CVE-2020-36242PyCA Cryptography symmetrically encrypting large values can lead to integer overflow

from 0, < 3.3.2-r0

HIGH7.5CVE-2023-38325cryptography mishandles SSH certificates

from 0, < 41.0.2-r0

MEDIUM6.5cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

from 0, < 46.0.5-r0

MEDIUM6.5python-cryptography - security update

from 0, < 39.0.1-r0

MEDIUM5.9RSA decryption vulnerable to Bleichenbacher timing vulnerability

from 0, < 3.2.1-r0

MEDIUM5.3cryptography has incomplete DNS name constraint enforcement on peer names

from 0, < 46.0.7-r0

pkg:Alpine/py3-cryptography