Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities Ubuntu Security

USN-8115-1: pyOpenSSL vulnerabilities

cve-2026-27448cve-2026-27459opensslmitre-ta0001mitre-t1190
  • What: pyOpenSSL has two vulnerabilities that could allow unexpected connections or denial of service.
  • Impact: Ubuntu 24.04 LTS and 25.10 users may be affected.
Read Full Article →

It was discovered that pyOpenSSL incorrectly handled exceptions in the tlsext_servername callback. This could result in connections being accepted after an exception, contrary to expectations. (CVE-2026-27448) It was discovered that pyOpenSSL incorrectly handled the DTLS cookie generation callback. If a callback provided cookie values greater than 256 bytes, an attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-27459)

Related Articles

HIGH Multiples vulnérabilités dans les produits Microsoft (23 mars 2026) CERT-FR (ANSSI) INFO Multiples vulnérabilités dans les produits IBM (07 mai 2026) CERT-FR (ANSSI) HIGH OpenSSL January 2026 Security Update: CMS and PKCS#12 Buffer Overflows Reddit r/netsec HIGH OpenSSL CVE-2025-15467 Fortinet PSIRT
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn