Main Vulnerability Database SB20260408119

SB20260408119 - Fedora 44 update for python-cryptography

Published: April 8, 2026

Security Bulletin ID SB20260408119

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Certificate Validation (CVE-ID: CVE-2026-34073)

The vulnerability allows a remote attacker to bypass certificate name constraints validation.

The vulnerability exists due to improper certificate validation in the X.509 certificate validation logic when validating a peer name against a wildcard SAN certificate chain. A remote attacker can present a crafted certificate chain to bypass certificate name constraints validation.

Exploitation requires an uncommon X.509 topology involving an excluded subtree constraint that matches the peer name.

Remediation

Install update from vendor's website.

References

https://bodhi.fedoraproject.org/updates/FEDORA-2026-2423902e8b