VDB
JLSEC-2026-271
JLSEC-2026-271
PUBLISHED
CVSS 7.5 HIGH
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenSSL_jll | 3.5.0+0, 3.5.0+0 |
| Julia | AppBundler | 1.0.0, 1.0.0 |
| Julia | Openresty_jll | 1.29.203+0, 1.29.203+0 |
Timeline
- Apr 27, 2026 CVE Published
- Apr 27, 2026 CVE Updated
References
- http://www.openwall.com/lists/oss-security/2026/03/13/3 url
- https://github.com/advisories/GHSA-wj64-gh9j-xm82 url
- https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f url
- https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-2673 url
- https://openssl-library.org/news/secadv/20260313.txt url