Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : pyOpenSSL vulnerability (USN-8335-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8335-1 advisory. It was discovered that pyOpenSSL incorrectly handled exceptions in the tlsextservername callback. This could result in connections being...

SUSE-SU-2026:2255-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

Security Bulletin: Multiple Vulnerabilities in pyOpenSSL bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the pyOpenSSL library, which is susceptible to a critical buffer overflow and a "fail-open" security bypass. A classic buffer overflow vulnerability exists when a user-provided cookie generation callback returns a value...

OESA-2026-1733 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

Linux Distros Unpatched Vulnerability : CVE-2026-27448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to...

CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

a10-octavia (>=1.0.0 <=2.2.0), a2grunnerp (>=0.1.0 <=0.1.8) +1182 more potentially affected by CVE-2026-27459 via pyopenssl (>=22.0.0 <=25.3.0)

pyopenssl PYPI version =22.0.0, =1.0.0, =0.1.0, =0.9.2, =2.3.36, =2.0.0, =2.4.15, =0.1.17, =0.1.0, =0.3.4, =0.2.0, =0.1.1, =0.0.1.dev7, =0.27.0 and more Source cves: CVE-2026-27459 Source advisory: OSV:GHSA-5PWR-322W-8JR4...

K15151: pyOpenSSL vulnerability CVE-2013-4314

Security Advisory Description The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:GHSA-P28M-34F6-967Q...

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000808 Source advisory: OSV:GHSA-2RCM-PHC9-3945...

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:PYSEC-2018-23...

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000808 Source advisory: OSV:PYSEC-2018-24...

ALPINE-CVE-2018-1000808

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...

SOL15151 - pyOpenSSL vulnerability CVE-2013-4314

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

DEBIAN-CVE-2013-4314

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...

CVE-2013-4314

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...

PYSEC-2013-31

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...