Security Advisory

CVE-2026-39892

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-08 20:49:41

Last updated 2026-04-09 19:52:22

Assigner GitHub_M

State PUBLISHED

Description

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.

← Browse all CVEs View on cve.org ↗