CVE-2023-38325: Improper Certificate Validation
(updated )
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
References
Detect and mitigate CVE-2023-38325 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →