CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

GHSA-5PWR-322W-8JR4 pyOpenSSL DTLS cookie callback buffer overflow

If a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Cookie values that are too long are now rejected...

pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

If a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Unhandled exceptions now result in rejecting the...

Mageia: Security Advisory (MGASA-2013-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PYSEC-2018-23

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...

PYSEC-2018-24

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...

ALPINE-CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...

PYSEC-2017-98

Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. Thi...

PYSEC-2013-31

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...

Mandriva Linux Security Advisory : python-OpenSSL (MDVSA-2013:233)

A vulnerability has been discovered and corrected in python-OpenSSL : The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate...

Updated python-OpenSSL package fixes security vulnerability

The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing CVE-2013-4314...

MGASA-2013-0277 Updated python-OpenSSL package fixes security vulnerability

The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing CVE-2013-4314...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: rug libredcarpet-tools rcd-modules xmlrpc-c rcd red-carpet libredcarpet python-openssl libredcarpet-python rcd-modules-devel xmlrpc-c-devel rcd-devel For mor...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: rug libredcarpet-tools rcd-modules xmlrpc-c rcd red-carpet libredcarpet python-openssl libredcarpet-python rcd-modules-devel xmlrpc-c-devel rcd-devel For mor...

openSUSE 10 Security Update : python-wbem (python-wbem-2692)

This update switches the usage from python's SSL class to python-openssl. The original python class does not verify the SSL certificates which makes python-wbem vulnerable to a man-in-the-middle attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...