CVE-2026-27459 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_gen…
High CVSS: 7.2

CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0.0, cookie values that are too long are now rejected.
Vendor
Pyopenssl
Product
Pyopenssl
CWE
CWE-120
Yayın Tarihi
2026-03-18 00:16:19
Güncelleme
2026-03-25 16:41:28
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-120 Pyopenssl HIGH Pyopenssl 2026

Referanslar

https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408 https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4