Описание
(pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in ...)
| Релиз | Статус | Примечание |
|---|---|---|
| devel | pending | 25.3.0-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected | |
| jammy | not-affected | 21.0.0-1 |
| noble | needs-triage | |
| questing | needs-triage | |
| upstream | released | 26.0.0 |
Показывать по
EPSS
Связанные уязвимости
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0.0, cookie values that are too long are now rejected.
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in ...
EPSS