67 matches found
openssl security update
An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On, Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Securit...
RHEL 8 : openssl (RHSA-2026:26275)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26275 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
CVE-2024-4741 vulnerabilities
Vulnerabilities for packages: openssl...
MiracleLinux 9 : openssl-3.2.2-6.el9.ML.1 (AXSA:2024-9111:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9111:08 advisory. openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time spent checking DSA keys and parameters...
SUSE: Security Advisory (SUSE-SU-2024:2059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:2066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1465)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: edk2 / hvloader / openssl (CVE-2024-4741)
The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers May cause memory to be...
CVE-2024-4741 affecting package edk2 for versions less than 20240524git3e722403cd16-6
CVE-2024-4741 affecting package edk2 for versions less than 20240524git3e722403cd16-6. A patched version of the package is available...
CVE-2024-4741 affecting package openssl for versions less than 1.1.1k-31
CVE-2024-4741 affecting package openssl for versions less than 1.1.1k-31. A patched version of the package is available...
Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.
Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with modrewrite in server/vhost context. By sending a specially crafte...
Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Operator package issues.. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in OpenSSL (CVE-2024-4741)
Summary A vulnerability in OpenSSL used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-4741 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the SSLfreebuffers API function. By...
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2024-4741, CVE-2024-2511, CVE-2024-5535, CVE-2024-4603, CVE-2024-6119 Vulnerability Details CVEID:CVE-2024-4741 DESCRIPTION: OpenSSL could allow a remote attacker to execute...
Security Bulletin: Security vulnerability found in package openssl shipped with IBM CICS TX Advanced.
Summary Security vulnerability found in package openssl shipped with IBM CICS TX Advanced. The versions of the packages have been updated. Vulnerability Details CVEID:CVE-2024-4741 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-fr...
Security update for openssl-3, libpulp, ulp-macros
This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: - CVE-2024-6119: possible denial of service in X.509 name checks bsc1229465 - CVE-2024-5535: SSLselectnextproto buffer overread bsc1227138 - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers bsc1225551...
CVE-2024-4741 affecting package hvloader for versions less than 1.0.1-6
CVE-2024-4741 affecting package hvloader for versions less than 1.0.1-6. An upgraded version of the package is available that resolves this issue...
Siemens SCALANCE M-800 Use After Free (CVE-2024-4741)
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
CBL Mariner 2.0 Security Update: edk2 / hvloader / openssl (CVE-2024-4741)
The version of edk2 / hvloader / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers May cause memory to be...