Alexander-Programming

**Name of the Vulnerable Software and Affected Versions** cryptography versions 38.0.0 through 42.0.3 **Description** The issue is related to the `pkcs12.serialize key and certificates` function in the cryptography package for Python. If this function is called with a certificate whose public key does not match the provided private key and an `encryption algorithm` with `hmac hash` set, a NULL pointer dereference occurs, crashing the Python process. This issue has been resolved by properly raising a `ValueError` in the fixed version. **Recommendations** For cryptography versions 38.0.0 through 42.0.3, update to version 42.0.4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of `pkcs12.serialize key and certificates` with mismatched public and private keys and `hmac hash` set until the update is applied.