Lucene search
K

12 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.7 views

openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword. A less preferred key exchange may be used...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References7
OSV
OSV
added 2026/04/27 6:33 p.m.11 views

JLSEC-2026-271 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

7.5CVSS5.6AI score0.00435EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/03/15 12:25 a.m.6 views

SUSE CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

5.3CVSS5.8AI score0.00435EPSS
Exploits0References5
NVD
NVD
added 2026/03/13 7:54 p.m.11 views

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

6.5CVSS0.00435EPSS
Exploits0References5
OSV
OSV
added 2026/03/13 7:54 p.m.4 views

ALPINE-CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/13 7:54 p.m.8 views

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

6.5CVSS5.9AI score0.00435EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/13 1:23 p.m.31 views

CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

0.00435EPSS
Exploits0References3
CVE
CVE
added 2026/03/13 1:23 p.m.92 views

CVE-2026-2673

OpenSSL CVE-2026-2673 affects OpenSSL 3.5 and 3.6 series. The issue arises when an OpenSSL TLS 1.3 server uses the DEFAULT keyword to interpolate a built-in/default group list into its own configuration, causing the group tuples to lose their structure. As a result, the server may treat all suppo...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/13 1:23 p.m.2 views

CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

5.8AI score0.00435EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/13 1:23 p.m.4 views

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

6.5CVSS5.9AI score0.00435EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.2 views

OpenSSL Security Advisory 20260313

OpenSSL Security Advisory 20260313 - An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...

5.8AI score0.00435EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/03/13 12:0 a.m.7 views

OpenSSL -- key agreement vulnerability

The OpenSSL project reports: TLS 1.3 server may choose unexpected key agreement group Low An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References1
Rows per page
Query Builder