CVE-2026-41677

ADVISORY - github

Summary

The *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this.
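The missing check, sketched as an added Rust example (not code from the advisory or the affected project): a wrapper must reject a callback-reported length that exceeds the buffer it handed out. All names, the buffer sizes and the `0xAA` "adjacent memory" filler are assumptions, built as a memory-safe model of the over-read.

```rust
// Constructed model: the password buffer is the first BUF_LEN bytes of a
// larger region; the 0xAA bytes after it stand in for adjacent memory.
const BUF_LEN: usize = 8;
const REGION_LEN: usize = 16;

#[derive(Debug, PartialEq)]
pub struct LengthTooLarge { pub returned: usize, pub capacity: usize }

/// Hypothetical callback that reports its length honestly.
pub fn honest_cb(buf: &mut [u8]) -> usize {
    buf[..4].copy_from_slice(b"pass");
    4
}

/// Hypothetical callback that fills the buffer, then claims 4 extra bytes.
pub fn overlong_cb(buf: &mut [u8]) -> usize {
    buf[..8].copy_from_slice(b"password");
    buf.len() + 4
}

/// Unvalidated path: the consumer trusts the returned length and copies that
/// many bytes. Clamped to REGION_LEN only so the model itself stays in bounds.
pub fn read_password_unchecked<F: FnOnce(&mut [u8]) -> usize>(cb: F) -> Vec<u8> {
    let mut region = [0xAAu8; REGION_LEN];
    region[..BUF_LEN].fill(0);
    let len = cb(&mut region[..BUF_LEN]);
    region[..len.min(REGION_LEN)].to_vec()
}

/// Validated path: a length larger than the buffer is an error, and the
/// buffer is wiped before returning so no partial secret is left behind.
pub fn read_password_checked<F: FnOnce(&mut [u8]) -> usize>(
    cb: F,
) -> Result<Vec<u8>, LengthTooLarge> {
    let mut buf = [0u8; BUF_LEN];
    let returned = cb(&mut buf);
    if returned > buf.len() {
        buf.fill(0);
        return Err(LengthTooLarge { returned, capacity: buf.len() });
    }
    Ok(buf[..returned].to_vec())
}

fn main() {
    println!("unchecked: {:02x?}", read_password_unchecked(overlong_cb));
    println!("checked:   {:?}", read_password_checked(overlong_cb));
    println!("honest:    {:?}", read_password_checked(honest_cb));
}
```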

Common Weakness Enumeration (CWE)

Out-of-bounds Read

Improper Validation of Specified Quantity in Input
