Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 9:52 p.m.43 views

Security Bulletin: Vulnerabities in SSL in IBM DataPower Gateway

Summary IBM DataPower Gateway has addressed two CVEs relating to SSL: CVE-2019-1559 & CVE-2018-0734 Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then...

5.9CVSS6.1AI score0.17139EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.53 views

EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2020-1629)

According to the versions of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in...

5.9CVSS6.5AI score0.17139EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/08/12 11:56 a.m.4 views

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/08/06 1:42 p.m.4 views

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.256 views

EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1258)

According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receiv...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2019/03/20 12:0 a.m.37 views

Security fix for the ALT Linux 9 package openssl10 version 1.0.2r-alt1

March 20, 2019 Gleb Fotengauer-Malinovskiy 1.0.2r-alt1 - Updated to 1.0.2r fixes CVE-2019-1559. - Synced cipher-list.conf with libcrypto1.1 1.1.1b-alt1...

4.3CVSS6.5AI score0.17139EPSS
Exploits0
OSV
OSV
added 2019/02/27 11:29 p.m.2 views

ALPINE-CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

5.9CVSS6.9AI score0.17139EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/27 11:0 p.m.34 views

CVE-2019-1559 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

6.2AI score0.17139EPSS
Exploits0References36
CISA
CISA
added 2019/02/26 12:0 a.m.15 views

OpenSSL Releases Security Update

OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the OpenSSL...

6.5AI score
Exploits0References1
Rows per page
Query Builder