PyPI: compliance-trestle

CVE-2023-50782

Safety vulnerability ID: SFTY-20240205-98128

Safety legacy ID: pyup.io-65626

Compliance-trestle version 2.6.0 upgrades its cryptography library to version 42.0.0 from 41.0.6 to mitigate the security issue CVE-2023-50782. https://github.com/oscal-compass/compliance-trestle/pull/1509/commits/41c880a2122fc52820e6fcee6f1193fd937c0673

PythonPyPINVDNVD
Created at: Mar 24, 2026Updated at: Mar 24, 2026

Overview

Compliance-trestle version 2.6.0 upgrades its cryptography library to version 42.0.0 from 41.0.6 to mitigate the security issue CVE-2023-50782. https://github.com/oscal-compass/compliance-trestle/pull/1509/commits/41c880a2122fc52820e6fcee6f1193fd937c0673

Advisory

Compliance-trestle version 2.6.0 upgrades its cryptography library to version 42.0.0 from 41.0.6 to mitigate the security issue CVE-2023-50782. https://github.com/oscal-compass/compliance-trestle/pull/1509/commits/41c880a2122fc52820e6fcee6f1193fd937c0673

Affected Package

Affecting compliance-trestle package, versions
<2.6.0

Also affects

---

How to Fix

Upgrade
compliance-trestle
to
2.6.0
or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more