Pypi · Cryptography · CVE-2023-38325
**Name of the Vulnerable Software and Affected Versions**
cryptography package versions prior to 41.0.2
**Description**
The issue is related to errors in the certificate authentication procedure, which can be exploited by a remote attacker to perform a man-in-the-middle attack. The problem arises from the mishandling of SSH certificates that have critical options.
**Recommendations**
For versions prior to 41.0.2, update to version 41.0.2 or later to resolve the issue.