py3-cryptography
42.0.4-r0
7.5
CVSS V3
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
If pkcs12.serialize_key_and_certificates
is called with both:
encryption_algorithm
with hmac_hash
set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)
Then a NULL pointer dereference would occur, crashing the Python process.
This has been resolved, and now a ValueError
is properly raised.