Lkubb

**Name of the Vulnerable Software and Affected Versions** cryptography package versions prior to 41.0.2 **Description** The issue is related to errors in the certificate authentication procedure, which can be exploited by a remote attacker to perform a man-in-the-middle attack. The problem arises from the mishandling of SSH certificates that have critical options. **Recommendations** For versions prior to 41.0.2, update to version 41.0.2 or later to resolve the issue.