CVE-201-4160 Vulnerability Is Found in Lib/site-packages/cryptography/hazmat/bindings/_openssl.pyd for Cryptography Version 3.3.2

[zjmxq]

BPO	46768
Nosy	@tiran

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2022-02-16.16:29:20.094>
created_at = <Date 2022-02-16.12:57:14.015>
labels = ['type-security', 'library', '3.9']
title = 'CVE-201-4160 Vulnerability Is Found in Lib/site-packages/cryptography/hazmat/bindings/_openssl.pyd for Cryptography Version 3.3.2'
updated_at = <Date 2022-02-16.16:29:20.090>
user = 'https://bugs.python.org/zjmxq'

bugs.python.org fields:

activity = <Date 2022-02-16.16:29:20.090>
actor = 'christian.heimes'
assignee = 'none'
closed = True
closed_date = <Date 2022-02-16.16:29:20.094>
closer = 'christian.heimes'
components = ['Library (Lib)']
creation = <Date 2022-02-16.12:57:14.015>
creator = 'zjmxq'
dependencies = []
files = []
hgrepos = []
issue_num = 46768
keywords = []
message_count = 1.0
messages = ['413339']
nosy_count = 2.0
nosy_names = ['christian.heimes', 'zjmxq']
pr_nums = []
priority = 'normal'
resolution = 'third party'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue46768'
versions = ['Python 3.9']

[tiran]

The file is from 3rd party package PyCA cryptography and not maintained by us. 3.3.2 is an old version of cryptography and no longer supported. I recommend that you update to cryptography 36.0.1