CVE-2026-27459

ADVISORY - github

Summary

If a user provided callback to set_cookie_generate_callback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer.

Cookie values that are too long are now rejected.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-120⁠

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.