33 matches found
Security Bulletin: Vulnerability in IBM Java, Websphere, OpenSSL, libcurl, and Apache Commons may affect IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management
Summary IBM Spectrum Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management can be affected by logging and security vulnerabilities. This update improves reliability of Java object property handling, modern logging frameworks and...
MiracleLinux 9 : openssl-3.2.2-6.el9.ML.1 (AXSA:2024-9111:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9111:08 advisory. openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time spent checking DSA keys and parameters...
SUSE: Security Advisory (SUSE-SU-2024:2066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-4603 affecting package edk2 for versions less than 20240524git3e722403cd16-8
CVE-2024-4603 affecting package edk2 for versions less than 20240524git3e722403cd16-8. A patched version of the package is available...
Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl (CVE-2024-4603)
The version of cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4603 advisory. - Issue summary: Checking excessively long DSA ke...
Security Bulletin: vulnerability in OpenSSL affects IBM Workload Automation.
Summary IBM Workload Automation has vulnerability in OpenSSL CVE-2024-4603 Vulnerability Details CVEID:CVE-2024-4603 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper input validation by the EVPPKEYparamcheck or EVPPKEYpubliccheck function. By parsing a specially craft...
CLSA-2024-1735121358 openssl: Fix of CVE-2024-4603
CVE-2024-4603: Check DSA parameters for excessive sizes before validating...
CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6
CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6. An upgraded version of the package is available that resolves this issue...
ALSA-2024:9333 Low: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time...
Oracle HTTP Server (October 2024 CPU)
The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener OpenSSL. The supported version that is affected i...
CVE-2024-4603 affecting package openssl for versions less than 3.3.2-1
CVE-2024-4603 affecting package openssl for versions less than 3.3.2-1. An upgraded version of the package is available that resolves this issue...
N-MDM -- Impact of CVE-2024-4603 on N-MDM and N-MDM connector
Issue Summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl (CVE-2024-4603)
The version of cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4603 advisory. - Issue summary: Checking excessively long DSA ke...
CVE-2024-4603 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-4603 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...
SUSE SLED15: libopenssl-3-devel / libopenssl-3-devel-32bit / etc (SUSE-SU-2024:2066-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2066-1 advisory. Security issues fixed: - CVE-2024-4603: Check DSA parameters for excessive sizes before validati...
openSUSE Security Advisory (SUSE-SU-2024:2066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2066-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: Security issues fixed: - CVE-2024-4603: Check DSA parameters for excessive sizes before validating bsc1224388 - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers. bsc1225551 Other issues fixed: - Enable livepatching support bsc1223428 ...
openSUSE: Security Advisory for openssl (SUSE-SU-2024:1947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...