Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : pyOpenSSL (EulerOS-SA-2026-2458)

According to the versions of the pyOpenSSL packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback t...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : pyOpenSSL (EulerOS-SA-2026-2414)

According to the versions of the pyOpenSSL packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user...

6.3CVSS5.4AI score0.00241EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.6 views

EulerOS 2.0 SP13 : pyOpenSSL (EulerOS-SA-2026-2308)

According to the versions of the pyOpenSSL packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback t...

6.3CVSS5.5AI score0.00241EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:10 p.m.10 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security bypass in pyOpenSSL [CVE-2026-27448, CVE-2026-27459]

Summary IBM Watson Speech Services Cartridge is vulnerable to a security bypass in pyOpenSSL due to a flaw allowing user provided callback to settlsextservernamecallback. This raises an unhandled exception, resulting in connections being accepted that could allow bypassing of security-sensitive...

9.8CVSS5.8AI score0.00704EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/19 9:9 a.m.7 views

CLSA-2026-1779181743 pyOpenSSL: Fix of CVE-2026-27448

CVE-2026-27448: fix fail-open in settlsextservernamecallback when callback raises exception...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 12:18 p.m.13 views

Security Bulletin: pyOpenSSL TLS SNI Callback Exception Handling Flaw Allows Security Bypass

Summary pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this...

9.8CVSS5.9AI score0.00704EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/13 4:38 p.m.7 views

CLSA-2026-1776098295 pyOpenSSL: Fix of CVE-2026-27448

CVE-2026-27448: fix fail-open in settlsextservernamecallback when callback raises exception...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 11:5 p.m.6 views

MGASA-2026-0074 Updated python-openssl packages fix security vulnerabilities

pyOpenSSL allows TLS connection bypass via unhandled callback exception in settlsextservernamecallback. CVE-2026-27448 pyOpenSSL DTLS cookie callback buffer overflow. CVE-2026-27459...

9.8CVSS6.2AI score0.00704EPSS
Exploits0References6
OSV
OSV
added 2026/03/27 2:3 p.m.6 views

OESA-2026-1734 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References3
OSV
OSV
added 2026/03/27 2:3 p.m.6 views

OESA-2026-1731 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References3
OSV
OSV
added 2026/03/27 2:3 p.m.8 views

OESA-2026-1730 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/19 12:26 a.m.6 views

SUSE CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

3.7CVSS5.8AI score0.00241EPSS
Exploits0References17
NVD
NVD
added 2026/03/18 12:16 a.m.4 views

CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

6.3CVSS0.00241EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 12:0 a.m.3 views

UBUNTU-CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/17 11:24 p.m.38 views

CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

6.3CVSS0.00241EPSS
Exploits0References3
CVE
CVE
added 2026/03/17 11:24 p.m.183 views

CVE-2026-27448

CVE-2026-27448 is a pyOpenSSL vulnerability (SNI/TLSEXT callback) where an unhandled exception in set_tlsext_servername_callback could cause a connection to be accepted. IBM security notes reiterate that this flaw exists in pyOpenSSL versions prior to 26.0.0 and that starting with 26.0.0 unhandle...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/17 11:24 p.m.5 views

CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

6.3CVSS5.3AI score0.00241EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/03/17 11:24 p.m.5 views

CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

6.3CVSS5.3AI score0.00241EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.7 views

pyOpenSSL 安全漏洞

pyOpenSSL is an open-source Python library that encapsulates OpenSSL from the Python Cryptographic Authority project. Versions of pyOpenSSL from 0.14.0 to 26.0.0 contained security vulnerabilities. These vulnerabilities stemmed from unhandled exceptions in the settlsextservername Callback functio...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/16 3:15 p.m.4 views

Not Failing Securely ('Failing Open')

Overview Affected versions of this package are vulnerable to Not Failing Securely 'Failing Open' via the settlsextservernamecallback function. An attacker can bypass security-sensitive checks by causing an unhandled exception in the callback, which results in the connection being accepted. If a...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References2
Rows per page
Query Builder