Upgrade cryptography to version 42.0.0 or later #34299
Labels
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
needs-author-feedback
Workflow: More information is needed from author to address the issue.
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Is your feature request related to a problem? Please describe.
Upgrade cryptography to version 42.0.0 or later
Additional context
The currently used version of the cryptography package (41.0.7) has a reported vulnerability.
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
The package should be upgraded to version 42.0.0 or later to patch it
CVE-2023-50782
The text was updated successfully, but these errors were encountered: