Fix pyOpenSSL — CVE-2023-49083 HIGH
Fix CVE-2023-49083 (HIGH) in pyOpenSSL for PyPI. Paste your requirements.txt into PackageFix and get a patched version — no CLI, no signup. Use-after-free in memory handling during certificate parsing.
⚠ Vulnerability
CVE-2023-49083 (HIGH) — use-after-free in memory handling during certificate parsing in pyOpenSSL versions below 24.1.0.
Vulnerable Version — requirements.txt
pyOpenSSL==23.0.0
Fixed Version — requirements.txt
pyOpenSSL==24.1.0
✓ Fix
Update pyOpenSSL to 24.1.0 or later. Run pip install -r requirements.txt to apply. Verify with your ecosystem's audit tool after updating.
CVE Details
| Field | Value |
|---|---|
| CVE ID | CVE-2023-49083 |
| Severity | HIGH |
| Package | pyOpenSSL (PyPI) |
| Vulnerable versions | Below 24.1.0 |
| Safe version | 24.1.0 |
| CISA KEV | — |
| Description | Use-after-free in memory handling during certificate parsing |
Frequently Asked Questions
What is CVE-2023-49083?
CVE-2023-49083 is a HIGH severity vulnerability in pyOpenSSL (PyPI): a use-after-free in memory handling during certificate parsing. Update to version 24.1.0 or later to fix it.
How do I fix CVE-2023-49083 in pyOpenSSL?
Update pyOpenSSL to version 24.1.0 in your requirements.txt. Run pip install -r requirements.txt after updating to apply the fix.
Is CVE-2023-49083 being actively exploited?
Check the live CISA KEV catalog at packagefix.dev — PackageFix always reflects the current KEV status.
How do I check if I am affected by CVE-2023-49083?
Paste your requirements.txt into PackageFix. If your installed version of pyOpenSSL is below 24.1.0, you are affected. PackageFix shows the exact CVE ID and fix version.
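The same check can be run locally. This is an added example, not PackageFix's own code: a standard-library Python script that classifies every pyOpenSSL line in a requirements.txt against the 24.1.0 fix version given on this page, and does the same for the package installed in the current environment. The sample manifest, `example-lib` and all function names are constructed for illustration.

```python
import re
from importlib import metadata

FIXED = (24, 1, 0)  # fixed version stated on this page

def release(version):
    """Numeric release of a version string; pre/post suffixes are ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    parts = tuple(map(int, m.group(1).split("."))) if m else None
    return parts and parts + (0,) * (3 - len(parts))

def verdict(spec):
    """Classify a specifier string such as '==23.0.0' or '>=22,<25'."""
    for clause in spec.split(","):
        m = re.match(r"\s*(===|==|~=|>=|>)\s*(.+)", clause)
        rel = m and release(m.group(2))  # None for <, <=, != (no lower bound)
        if rel and rel >= FIXED:
            return "ok"                  # pin or lower bound at/after the fix
        if rel and m.group(1) in ("==", "===") and "*" not in clause:
            return "vulnerable"          # exact pin below the fix
    return "allows-vulnerable"           # unpinned, or range reaching below the fix

def audit(requirements_text):
    """Return [(line_no, requirement, verdict)] for each pyOpenSSL line."""
    findings = []
    for no, raw in enumerate(requirements_text.splitlines(), 1):
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()  # drop comments
        m = re.match(r"([A-Za-z0-9][\w.-]*)\s*(?:\[[^\]]*\])?([^;]*)", line)
        if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != "pyopenssl":
            continue                     # blank line, pip option, or another package
        findings.append((no, line, verdict(m.group(2))))
    return findings

def installed_verdict():
    """Verdict for pyOpenSSL in the current environment, None if not installed."""
    try:
        return verdict("==" + metadata.version("pyOpenSSL"))
    except metadata.PackageNotFoundError:
        return None

SAMPLE = """\
example-lib==1.2.3
pyOpenSSL==23.0.0
PyOpenSSL[x]>=22.0 ; python_version >= "3.8"
pyopenssl==24.1.0  # patched
"""  # constructed manifest, not from a real project

if __name__ == "__main__":
    print(audit(SAMPLE), installed_verdict())
```

A verdict of `allows-vulnerable` means the resolver may still select a release below 24.1.0, so raise the lower bound or pin the fixed version.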