Lucene search
AlmaLinuxALSA-2021:1024HistoryMar 29, 2021 - 7:03 p.m.
Important: openssl security update
2021-03-2919:03:22
errata.almalinux.org
30
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
-
openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | x86_64 | openssl | < 1.1.1g-15.el8_3 | openssl-1.1.1g-15.el8_3.x86_64.rpm |
| almalinux | 8 | i686 | openssl-devel | < 1.1.1g-15.el8_3 | openssl-devel-1.1.1g-15.el8_3.i686.rpm |
| almalinux | 8 | x86_64 | openssl-devel | < 1.1.1g-15.el8_3 | openssl-devel-1.1.1g-15.el8_3.x86_64.rpm |
| almalinux | 8 | i686 | openssl-libs | < 1.1.1g-15.el8_3 | openssl-libs-1.1.1g-15.el8_3.i686.rpm |
| almalinux | 8 | x86_64 | openssl-libs | < 1.1.1g-15.el8_3 | openssl-libs-1.1.1g-15.el8_3.x86_64.rpm |
| almalinux | 8 | x86_64 | openssl-perl | < 1.1.1g-15.el8_3 | openssl-perl-1.1.1g-15.el8_3.x86_64.rpm |
Related
oraclelinux
oraclelinux
openssl security update
2021-03-29 00:00:00
openssl security update
2021-04-01 00:00:00
ibm
ibm
nessus
nessus
Oracle Linux 8 : openssl (ELSA-2021-9151) (deprecated)
2021-04-01 00:00:00
RHEL 7 / 8 : Red Hat JBoss Web Server 5.4.2 Security Update (Important) (RHSA-2021:1195)
2021-04-14 00:00:00
RHEL 8 : openssl (RHSA-2021:1024)
2021-03-30 00:00:00
attackerkb
attackerkb
CVE-2021-3450
2021-03-25 00:00:00
OpenSSL TLS Server Crash (NULL pointer dereference) — CVE-2021-3449
2021-03-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1k-alt1
2021-03-29 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1k-alt1
2021-03-25 00:00:00
thn
thn
OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities
2021-03-26 14:56:00
redhat
redhat
(RHSA-2021:1203) Important: Red Hat JBoss Web Server 3.1 Service Pack 12 security update
2021-04-14 17:52:55
(RHSA-2021:1195) Important: Red Hat JBoss Web Server 5.4.2 Security Update
2021-04-14 14:22:39
(RHSA-2021:1024) Important: openssl security update
2021-03-29 19:03:22
mageia
mageia
Updated openssl packages fix security vulnerability
2021-04-05 18:54:07
osv
osv
Important: openssl security update
2021-03-29 19:03:22
NULL pointer deref in signature_algorithms processing
2021-05-01 12:00:00
openssl vulnerability
2021-03-25 14:29:46
amazon
amazon
Important: openssl11
2021-03-25 18:31:00
Important: edk2
2024-03-13 20:26:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021
2021-03-25 16:00:00
archlinux
archlinux
[ASA-202103-10] openssl: multiple issues
2021-03-25 00:00:00
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities
2021-03-25 00:00:00
Node.js -- April 2021 Security Releases
2021-04-06 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0331
2021-03-25 00:00:00
Important Photon OS Security Update - PHSA-2021-0331
2021-03-25 00:00:00
Important Photon OS Security Update - PHSA-2021-0210
2021-03-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-21:07.openssl
2021-03-25 00:00:00
symantec
symantec
OpenSSL Vulnerabilities Mar 2021
2021-04-07 19:44:57
fedora
fedora
[SECURITY] Fedora 34 Update: openssl-1.1.1k-1.fc34
2021-04-01 00:53:20
rocky
rocky
openssl security update
2021-03-29 19:03:22
nodejsblog
nodejsblog
April 2021 Security Releases
2021-04-06 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2021-03-31 00:00:00
kaspersky
kaspersky
KLA12311 Multiple vulnerabilities in Microsoft Developer Tools
2021-10-12 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2021-3449
2021-03-25 00:00:00
Vulnerability in OpenSSL CVE-2021-3450
2021-03-25 00:00:00
cve
cve
CVE-2021-3449
2021-03-25 15:15:00
CVE-2021-3450
2021-03-25 15:15:00
alpinelinux
alpinelinux
CVE-2021-3449
2021-03-25 15:15:00
CVE-2021-3450
2021-03-25 15:15:00
rustsec
rustsec
CA certificate check bypass with X509_V_FLAG_X509_STRICT
2021-05-01 12:00:00
NULL pointer deref in signature_algorithms processing
2021-05-01 12:00:00
f5
f5
K52171694 : OpenSSL vulnerability CVE-2021-3450
2021-03-26 00:00:00
K83623027 : OpenSSL vulnerability CVE-2021-3449
2021-03-26 00:00:00
prion
prion
Design/Logic Flaw
2021-03-25 15:15:00
Null pointer dereference
2021-03-25 15:15:00
debiancve
debiancve
CVE-2021-3450
2021-03-25 15:15:00
CVE-2021-3449
2021-03-25 15:15:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Openssl
2021-03-26 01:09:25
Exploit for NULL Pointer Dereference in Openssl
2023-09-08 10:53:39
debian
debian
[SECURITY] [DLA 2751-1] postgresql-9.6 security update
2021-08-31 14:03:14
[SECURITY] [DSA 4875-1] openssl security update
2021-03-25 15:41:28
[SECURITY] [DSA 4875-1] openssl security update
2021-03-25 15:41:28
cloudfoundry
cloudfoundry
USN-4891-1: OpenSSL vulnerability | Cloud Foundry
2021-04-14 00:00:00
redhatcve
redhatcve
CVE-2021-3449
2021-03-25 14:58:10
CVE-2021-3450
2021-03-25 14:58:02
seebug
seebug
OpenSSL 拒绝服务攻击(CVE-2021-3449)
2021-03-29 00:00:00
ubuntucve
ubuntucve
CVE-2021-3449
2021-03-25 00:00:00
CVE-2021-3450
2021-03-25 00:00:00
mscve
mscve
suse
suse
Security update for openssl-1_1 (important)
2021-03-26 00:00:00
Security update for nodejs12 (important)
2021-07-14 00:00:00
Security update for nodejs10 (important)
2021-07-20 00:00:00
ubuntu
ubuntu
OpenSSL vulnerability
2021-03-25 00:00:00
PostgreSQL vulnerabilities
2021-08-12 00:00:00
checkpoint_security
checkpoint_security
Check Point Response to OpenSSL CVE-2021-3449
2021-04-10 23:31:27
veracode
veracode
Denial Of Service (DoS)
2021-03-25 16:28:32
Privilege Escalation
2021-03-25 16:37:03
ics
ics
Siemens OpenSSL Vulnerabilities in Industrial Products (Update B)
2022-08-11 12:00:00
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00
github
github
openssl-src NULL pointer Dereference in signature_algorithms processing
2021-08-25 20:54:02
Certificate check bypass in openssl-src
2021-08-25 20:54:00
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
Related for ALSA-2021:1024