subject:"\[Cryptography\-dev\] Affected version of CVE\-2020\-25659"

Re: [Cryptography-dev] Affected version of CVE-2020-25659

2020-10-28 Thread Alex Gaynor

Hi Tristan, Yes, this impacts every version going back to 0.4 when this functionality was first introduced. Alex On Wed, Oct 28, 2020 at 9:33 AM Tristan Laurillard wrote: > Hello, > > We maintain the Safety vulnerability tool. > > I have a small question regarding CVE-

[Cryptography-dev] Affected version of CVE-2020-25659

2020-10-28 Thread Tristan Laurillard

Hello, We maintain the Safety vulnerability tool. I have a small question regarding CVE-2020-25659: are all versions <=3.2 affected? We need to know who we should warn. Tristan Laurillard Operations Manager PyUp.io ___ Cryptog