Wind River Support Network

HomeDefectsLIN1021-21860
Acknowledged

LIN1021-21860 : Security Advisory - python-pyopenssl - CVE-2026-27459

Created: Mar 18, 2026    Updated: Apr 29, 2026
Found In Version: 10.21.20.2
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0.0, cookie values that are too long are now rejected.
  • Linkedin
  • Facebook
  • Twitter
  • Youtube