Search for packages
| purl | pkg:apk/alpine/py3-openssl@26.1.0-r0?arch=armv7&distroversion=v3.23&reponame=community |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-dt7c-fvqj-2bek | pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback If a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Unhandled exceptions now result in rejecting the connection. Credit to **Leury Castillo** for reporting this issue. |
CVE-2026-27448
GHSA-vp96-hxj8-p424 |
| VCID-g6d1-v769-d7gw |
CVE-2026-40475
|
|
| VCID-mt1s-vhfk-5bda | pyOpenSSL DTLS cookie callback buffer overflow If a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Cookie values that are too long are now rejected. |
CVE-2026-27459
GHSA-5pwr-322w-8jr4 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-28T15:57:54.985929+00:00 | Alpine Linux Importer | Fixing | VCID-g6d1-v769-d7gw | https://secdb.alpinelinux.org/v3.23/community.json | 38.4.0 |
| 2026-04-28T15:57:54.350743+00:00 | Alpine Linux Importer | Fixing | VCID-dt7c-fvqj-2bek | https://secdb.alpinelinux.org/v3.23/community.json | 38.4.0 |
| 2026-04-28T15:57:48.973366+00:00 | Alpine Linux Importer | Fixing | VCID-mt1s-vhfk-5bda | https://secdb.alpinelinux.org/v3.23/community.json | 38.4.0 |