rpm package
opensuse/python-pyOpenSSL&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python-pyOpenSSL&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-27459 | — | < 26.0.0-1.1 | 26.0.0-1.1 | Mar 17, 2026 | pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Sta | ||
| CVE-2026-27448 | — | < 26.0.0-1.1 | 26.0.0-1.1 | Mar 17, 2026 | pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying | ||
| CVE-2013-4314 | — | < 24.1.0-1.2 | 24.1.0-1.2 | Sep 30, 2013 | The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a leg |
- CVE-2026-27459Mar 17, 2026affected < 26.0.0-1.1fixed 26.0.0-1.1
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Sta
- CVE-2026-27448Mar 17, 2026affected < 26.0.0-1.1fixed 26.0.0-1.1
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying
- CVE-2013-4314Sep 30, 2013affected < 24.1.0-1.2fixed 24.1.0-1.2
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a leg