[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-36242":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":31,"aliases":41,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":86,"related":87,"reserved_at":9,"published_at":102,"modified_at":103,"state":104,"summary":105,"references_raw":113,"kevs":187,"epss":188,"epss_history":191,"metrics":451,"affected":466},"CVE-2020-36242","In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":17,"likelihood_of_exploit":29,"capec":30},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","Draft","High",[],[32],{"_key":33,"name":34,"source":35,"url":36,"maturity":37,"reliability_score":38,"verified":39,"type":9,"platforms":40,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_PYCA_CRYPTOGRAPHY","Cryptography","github","https://github.com/pyca/cryptography/issues/5615","poc",0.3,false,[],[42,43],"GHSA-rhm9-p9w5-fwm7","PYSEC-2021-63",[],[46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84],{"_key":47},"ALPINE-CVE-2020-36242",{"_key":49},"UBUNTU-CVE-2020-36242",{"_key":51},"OPENSUSE-SU-2021:0349-1",{"_key":53},"SUSE-RU-2022:4567-1",{"_key":55},"SUSE-SU-2021:0594-1",{"_key":57},"SUSE-SU-2021:0668-1",{"_key":59},"SUSE-SU-2021:0669-1",{"_key":61},"SUSE-SU-2021:0675-1",{"_key":63},"SUSE-SU-2021:0696-1",{"_key":65},"SUSE-SU-2023:0604-1",{"_key":67},"SUSE-SU-2023:2783-2",{"_key":69},"SUSE-SU-2023:2783-1",{"_key":71},"OPENSUSE-SU-2024:11223-1",{"_key":73},"OPENSUSE-SU-2024:13819-1",{"_key":75},"RHSA-2021:1608",{"_key":77},"SUSE-SU-2023:1838-1",{"_key":79},"RHSA-2021:3254",{"_key":81},"MGASA-2021-0129",{"_key":83},"DEBIAN-CVE-2020-36242",{"_key":85},"RHSA-2021:2239",[],[88,89,90,91,92,93,94,95,96,97,98,99,100,101],{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":77},{"_key":81},"2021-02-07T19:50:57.000Z","2024-08-04T17:23:09.814Z","Modified",{"cisa_kev":39,"cisa_ransomware":39,"cisa_vendor":9,"epss_severity":106,"epss_score":107,"severity":108,"severity_score":109,"severity_version":110,"severity_source":111,"severity_vector":112,"severity_status":104},"low",0.01575,"critical",9.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",[114,125,131,135,140,145,149,153,158,162,166,171,175,179,183],{"url":36,"sources":115,"tags":118},[116,111,117],"cve.org","osv_pypi",[119,120,121,122,123,124],"X Refsource MISC","Exploit","Patch","Third Party Advisory","WEB","REPORT",{"url":126,"sources":127,"tags":128},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/",[116,111],[129,130],"Vendor Advisory","X Refsource FEDORA",{"url":132,"sources":133,"tags":134},"https://www.oracle.com/security-alerts/cpuapr2022.html",[116,111,117],[119,121,122,123],{"url":136,"sources":137,"tags":138},"https://github.com/pyca/cryptography/compare/3.3.1...3.3.2",[116,111,117],[139,121,122,123],"X Refsource CONFIRM",{"url":141,"sources":142,"tags":143},"https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst",[116,111,117],[139,144,122,123],"Release Notes",{"url":146,"sources":147,"tags":148},"https://www.oracle.com/security-alerts/cpujul2022.html",[116,111,117],[119,121,122,123],{"url":150,"sources":151,"tags":152},"https://github.com/pyca/cryptography/security/advisories/GHSA-rhm9-p9w5-fwm7",[117],[123],{"url":154,"sources":155,"tags":156},"https://nvd.nist.gov/vuln/detail/CVE-2020-36242",[117],[157],"Advisory",{"url":159,"sources":160,"tags":161},"https://github.com/pyca/cryptography/commit/82b6ce28389f0a317bc55ba2091a74b346db7cae",[117],[123],{"url":163,"sources":164,"tags":165},"https://github.com/advisories/GHSA-rhm9-p9w5-fwm7",[117],[157],{"url":167,"sources":168,"tags":169},"https://github.com/pyca/cryptography",[117],[170],"PACKAGE",{"url":172,"sources":173,"tags":174},"https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-63.yaml",[117],[123],{"url":176,"sources":177,"tags":178},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E",[117],[123],{"url":180,"sources":181,"tags":182},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E",[117],[123],{"url":184,"sources":185,"tags":186},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/",[117],[123],[],{"date":189,"score":107,"percentile":190},"2026-06-04",0.81882,[192,196,199,202,205,208,211,214,217,220,223,226,229,231,233,237,240,243,246,249,252,255,258,261,263,266,269,272,276,279,281,284,286,289,291,294,297,300,303,306,309,312,314,317,320,323,326,329,332,335,337,340,343,346,349,352,355,358,361,364,367,370,373,376,378,381,384,387,390,393,396,398,401,403,406,409,412,415,418,420,423,426,429,432,434,437,439,442,445,448],{"date":193,"score":194,"percentile":195},"2025-11-04",0.01272,0.7885,{"date":197,"score":194,"percentile":198},"2025-11-05",0.78848,{"date":200,"score":194,"percentile":201},"2025-11-06",0.78846,{"date":203,"score":194,"percentile":204},"2025-11-07",0.78859,{"date":206,"score":194,"percentile":207},"2025-11-08",0.78865,{"date":209,"score":194,"percentile":210},"2025-11-09",0.7886,{"date":212,"score":194,"percentile":213},"2025-11-10",0.78847,{"date":215,"score":194,"percentile":216},"2025-11-11",0.78851,{"date":218,"score":194,"percentile":219},"2025-11-12",0.78867,{"date":221,"score":194,"percentile":222},"2025-11-13",0.78876,{"date":224,"score":194,"percentile":225},"2025-11-14",0.78882,{"date":227,"score":194,"percentile":228},"2025-11-15",0.78881,{"date":230,"score":194,"percentile":225},"2025-11-16",{"date":232,"score":194,"percentile":222},"2025-11-17",{"date":234,"score":235,"percentile":236},"2025-11-18",0.16308,0.94293,{"date":238,"score":235,"percentile":239},"2025-11-19",0.94296,{"date":241,"score":235,"percentile":242},"2025-11-20",0.94299,{"date":244,"score":194,"percentile":245},"2025-11-21",0.78904,{"date":247,"score":194,"percentile":248},"2025-11-22",0.78905,{"date":250,"score":194,"percentile":251},"2025-11-23",0.78894,{"date":253,"score":194,"percentile":254},"2025-11-24",0.78892,{"date":256,"score":194,"percentile":257},"2025-11-25",0.78898,{"date":259,"score":194,"percentile":260},"2025-11-26",0.789,{"date":262,"score":194,"percentile":248},"2025-11-27",{"date":264,"score":194,"percentile":265},"2025-11-28",0.78897,{"date":267,"score":194,"percentile":268},"2025-11-29",0.78902,{"date":270,"score":194,"percentile":271},"2025-11-30",0.78901,{"date":273,"score":274,"percentile":275},"2025-12-01",0.00499,0.65151,{"date":277,"score":274,"percentile":278},"2025-12-02",0.65168,{"date":280,"score":274,"percentile":278},"2025-12-03",{"date":282,"score":194,"percentile":283},"2025-12-04",0.78899,{"date":285,"score":194,"percentile":248},"2025-12-05",{"date":287,"score":194,"percentile":288},"2025-12-06",0.78909,{"date":290,"score":194,"percentile":288},"2025-12-07",{"date":292,"score":194,"percentile":293},"2025-12-08",0.78913,{"date":295,"score":194,"percentile":296},"2025-12-09",0.7893,{"date":298,"score":194,"percentile":299},"2025-12-10",0.78953,{"date":301,"score":194,"percentile":302},"2025-12-11",0.78967,{"date":304,"score":194,"percentile":305},"2025-12-12",0.78987,{"date":307,"score":194,"percentile":308},"2025-12-13",0.78988,{"date":310,"score":194,"percentile":311},"2025-12-14",0.78985,{"date":313,"score":194,"percentile":311},"2025-12-15",{"date":315,"score":194,"percentile":316},"2025-12-16",0.78996,{"date":318,"score":194,"percentile":319},"2025-12-17",0.79003,{"date":321,"score":194,"percentile":322},"2025-12-18",0.79023,{"date":324,"score":194,"percentile":325},"2025-12-19",0.79034,{"date":327,"score":194,"percentile":328},"2025-12-20",0.79029,{"date":330,"score":194,"percentile":331},"2025-12-21",0.79022,{"date":333,"score":194,"percentile":334},"2025-12-22",0.79025,{"date":336,"score":194,"percentile":334},"2025-12-23",{"date":338,"score":194,"percentile":339},"2025-12-24",0.79039,{"date":341,"score":194,"percentile":342},"2025-12-25",0.79059,{"date":344,"score":194,"percentile":345},"2025-12-26",0.79056,{"date":347,"score":194,"percentile":348},"2025-12-27",0.79108,{"date":350,"score":194,"percentile":351},"2025-12-28",0.79046,{"date":353,"score":194,"percentile":354},"2025-12-29",0.7904,{"date":356,"score":194,"percentile":357},"2025-12-30",0.79047,{"date":359,"score":194,"percentile":360},"2025-12-31",0.79064,{"date":362,"score":274,"percentile":363},"2026-01-01",0.65421,{"date":365,"score":274,"percentile":366},"2026-01-02",0.65406,{"date":368,"score":274,"percentile":369},"2026-01-03",0.65407,{"date":371,"score":194,"percentile":372},"2026-01-04",0.79057,{"date":374,"score":194,"percentile":375},"2026-01-05",0.79053,{"date":377,"score":194,"percentile":342},"2026-01-06",{"date":379,"score":194,"percentile":380},"2026-01-07",0.79066,{"date":382,"score":194,"percentile":383},"2026-01-08",0.79076,{"date":385,"score":194,"percentile":386},"2026-01-09",0.79079,{"date":388,"score":194,"percentile":389},"2026-01-10",0.79081,{"date":391,"score":194,"percentile":392},"2026-01-11",0.79075,{"date":394,"score":194,"percentile":395},"2026-01-12",0.7906,{"date":397,"score":194,"percentile":372},"2026-01-13",{"date":399,"score":194,"percentile":400},"2026-01-14",0.79077,{"date":402,"score":194,"percentile":386},"2026-01-15",{"date":404,"score":194,"percentile":405},"2026-01-16",0.79085,{"date":407,"score":194,"percentile":408},"2026-01-17",0.79093,{"date":410,"score":194,"percentile":411},"2026-01-18",0.79089,{"date":413,"score":194,"percentile":414},"2026-01-19",0.79082,{"date":416,"score":194,"percentile":417},"2026-01-20",0.7908,{"date":419,"score":194,"percentile":405},"2026-01-21",{"date":421,"score":194,"percentile":422},"2026-01-22",0.79095,{"date":424,"score":194,"percentile":425},"2026-01-23",0.79123,{"date":427,"score":194,"percentile":428},"2026-01-24",0.79133,{"date":430,"score":194,"percentile":431},"2026-01-25",0.79126,{"date":433,"score":194,"percentile":425},"2026-01-26",{"date":435,"score":194,"percentile":436},"2026-01-27",0.79122,{"date":438,"score":194,"percentile":425},"2026-01-28",{"date":440,"score":194,"percentile":441},"2026-01-29",0.79119,{"date":443,"score":194,"percentile":444},"2026-01-30",0.79121,{"date":446,"score":194,"percentile":447},"2026-01-31",0.79125,{"date":449,"score":274,"percentile":450},"2026-02-01",0.65476,[452,461],{"source":111,"cvss_v2_0":453,"cvss_v3_0":9,"cvss_v3_1":458,"cvss_v4_0":9},{"baseScore":454,"baseSeverity":9,"vectorString":455,"impactScore":456,"exploitabilityScore":457},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,10,{"baseScore":109,"baseSeverity":459,"vectorString":112,"impactScore":460,"exploitabilityScore":457},"CRITICAL",8.7,{"source":117,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":462,"cvss_v4_0":463},{"baseScore":109,"baseSeverity":9,"vectorString":112,"impactScore":460,"exploitabilityScore":457},{"baseScore":464,"baseSeverity":9,"vectorString":465,"impactScore":9,"exploitabilityScore":9},8.8,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",[467,478,485,492],{"ecosystem":9,"name":468,"vendor":469,"product":468,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":471},"cryptography","cryptography.io","a",[472],{"version":473,"is_range":474,"range_type":475,"version_start":9,"version_start_type":9,"version_end":476,"version_end_type":477,"fixed_in":9},"lt3.3.2",true,"cpe","3.3.2","excluding",{"ecosystem":9,"name":479,"vendor":480,"product":479,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"fedora","fedoraproject","o",[483],{"version":484,"is_range":39,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33",{"ecosystem":9,"name":486,"vendor":487,"product":488,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":489},"communications cloud native core network function cloud native environment","oracle","communications_cloud_native_core_network_function_cloud_native_environment",[490],{"version":491,"is_range":39,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.10.0",{"ecosystem":493,"name":468,"vendor":493,"product":468,"cpe_part":9,"purl_type":494,"purl_namespace":9,"purl_name":468,"source":9,"versions":495},"PyPI","pypi",[496],{"version":497,"is_range":474,"range_type":498,"version_start":499,"version_start_type":500,"version_end":476,"version_end_type":477,"fixed_in":9},"gte3_1_lt3_3_2","ecosystem","3.1","including"]