Name of the Vulnerable Software and Affected Versions OpenSSL backend versions prior to 1.0.2 python-cryptography versions prior to 1.0.2 python-cryptography-vectors versions prior to 1.0.2 python-pyasn1 versions prior to 0.1.8

Description The issue arises from the use of assertions in the OpenSSL backend to check response codes. When Python is run with the -O flag, these assertions are optimized away, potentially leading to undefined behavior if an invalid response code is received.

Recommendations For OpenSSL backend versions prior to 1.0.2, update to version 1.0.2 or later. For python-cryptography versions prior to 1.0.2, update to version 1.0.2 or later. For python-cryptography-vectors versions prior to 1.0.2, update to version 1.0.2 or later. For python-pyasn1 versions prior to 0.1.8, update to version 0.1.8 or later.