MGASA-2025-0069

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2023-49083 CVE-2023-50782 CVE-2024-26130

Published: 17 Feb 2025, 18:37

Last modified:16 Apr 2026, 04:20

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 Feb 2025, 18:37

Published

Vulnerability first disclosed

16 Apr 2026, 04:20

Last Modified

Vulnerability information updated

Description

Updated python-cryptography & openssl packages fix security vulnerabilities Cryptography vulnerable to NULL-dereference when loading PKCS7 certificates. (CVE-2023-49083) Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659. (CVE-2023-50782) Cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override. (CVE-2024-26130)

Affected Systems

mageia•openssl
< 3.0.15-1.3.mga9
mageia•python-cryptography
< 39.0.1-1.1.mga9

MGASA-2025-0069

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)