vulnerability

Huawei EulerOS: CVE-2018-1000807: pyOpenSSL security update

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Oct 8, 2018

Added

Mar 24, 2020

Modified

Apr 1, 2026

Description

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0.

Solution

huawei-euleros-2_0_sp5-upgrade-python2-pyopenssl

References

CVE-2018-100080
https://attackerkb.com/topics/CVE-2018-100080
CWE-416
EULEROS-EulerOS-SA-2020-1320
EUVD-EUVD-2018-0123
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-0123

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report