Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cryptography has a buffer overflow if non-contiguous buffers were passed to APIs
Vulnerability Description
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
cryptography 安全漏洞
Vulnerability Description
cryptography是Python Cryptographic Authority开源的一个Python的加密库。 cryptography 45.0.0至46.0.7之前版本存在安全漏洞,该漏洞源于缓冲区处理不当,可能导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A