11 matches found
JLSEC-2026-271 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
SUSE CVE-2026-2673
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
ALPINE-CVE-2026-2673
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
CVE-2026-2673
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
CVE-2026-2673
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
CVE-2026-2673
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
CVE-2026-2673
OpenSSL CVE-2026-2673 affects OpenSSL 3.5 and 3.6 series. The issue arises when an OpenSSL TLS 1.3 server uses the DEFAULT keyword to interpolate a built-in/default group list into its own configuration, causing the group tuples to lose their structure. As a result, the server may treat all suppo...
CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...
OpenSSL Security Advisory 20260313
OpenSSL Security Advisory 20260313 - An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...
OpenSSL -- key agreement vulnerability
The OpenSSL project reports: TLS 1.3 server may choose unexpected key agreement group Low An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...