
51 matches found

OSV
added 2 days ago | 4 views

RLSA-2026:22313 Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...

7.5 CVSS | 7.3 AI score | 0.0014 EPSS
Exploits 0 | References 2

OSV
added last week | 6 views

RLSA-2026:19187 Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

7.4 CVSS | 7.5 AI score | 0.00115 EPSS
Exploits 1 | References 2

RedHat Linux
added 2026/05/19 6:28 p.m. | 4 views

Moderate: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.4 CVSS | 7.5 AI score | 0.00115 EPSS
Exploits 1 | References 2

OSV
added 2026/04/27 6:33 p.m. | 2 views

JLSEC-2026-261 Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter...

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

4.7 CVSS | 8 AI score | 0.00042 EPSS
Exploits 1 | References 8

OSV
added 2026/03/12 6:3 p.m. | 0 views

RLSA-2026:4472 Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

7.4 CVSS | 6.3 AI score | 0.00115 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2026/03/12 12:0 a.m. | 2 views

RHEL 9 : compat-openssl11 (RHSA-2026:4472)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4472 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

7.4 CVSS | 6.3 AI score | 0.00115 EPSS
Exploits 1 | References 5

Tenable Nessus
added 2026/02/13 12:0 a.m. | 3 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-68160)

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading...

4.7 CVSS | 5.7 AI score | 0.00042 EPSS
Exploits 1 | References 2

OSV
added 2026/01/27 4:16 p.m. | 1 views

AZL-76212 CVE-2025-69421 affecting package openssl 1.1.1k-38

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12_item_decrypt_d2i_ex...

7.5 CVSS | 7.4 AI score | 0.00128 EPSS
Exploits 1 | References 1

OSV
added 2024/09/02 2:41 p.m. | 18 views

SUSE-SU-2024:3076-1 Security update for python39

This update for python39 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer bsc1227233 Non-security issues fixed: - Fixed executable bits for...

6.5 CVSS | 6.7 AI score | 0.00238 EPSS
Exploits 1 | References 7

OSV
added 2024/03/06 11:5 a.m. | 30 views

BIT-MYSQL-CLIENT-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates

The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5 CVSS | 7.7 AI score | 0.06863 EPSS
Exploits 2 | References 35

Tenable Nessus
added 2023/11/07 12:0 a.m. | 422 views

Rocky Linux 9 : compat-openssl11 (RLSA-2022:4899)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4899 advisory. - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function i...

7.5 CVSS | 6.8 AI score | 0.06863 EPSS
Exploits 2 | References 3

IBM Security Bulletins
added 2023/10/05 8:31 p.m. | 44 views

Security Bulletin: IBM Spectrum Conductor openssl 1.1.1 End of Life

Summary IBM Spectrum Conductor openssl 1.1.1 End of Life Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no messag...

7.5 CVSS | 7.9 AI score | 0.91789 EPSS
Exploits 0 | Affected Software 1

SUSE CVE
added 2023/02/15 4:19 a.m. | 2 views

SUSE CVE-2019-0190

A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5 CVSS | 8.7 AI score | 0.22908 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2023/01/06 12:0 a.m. | 32 views

EulerOS Virtualization 3.0.2.6 : openssl (EulerOS-SA-2023-1052)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime...

7.5 CVSS | 6.9 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/12/21 12:0 a.m. | 19 views

EulerOS 2.0 SP10 : shim (EulerOS-SA-2022-2831)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally th...

7.5 CVSS | 6.9 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/10/09 12:0 a.m. | 30 views

EulerOS Virtualization 3.0.6.6 : openssl098e (EulerOS-SA-2022-2526)

According to the versions of the openssl098e package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime...

7.5 CVSS | 6.8 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/07/07 12:0 a.m. | 65 views

Oracle Linux 9 : compat-openssl11 (ELSA-2022-4899)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-4899 advisory. - Fixes CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt reachable when parsing certificates Resolves: rhbz2063147 Tenable has extracted the preceding...

7.5 CVSS | 7 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/07/01 12:0 a.m. | 73 views

Oracle Linux 8 : compat-openssl10 (ELSA-2022-5326)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-5326 advisory. 1:1.0.2o-4 - Fix CVE-2022-0778: Infinite loop in BN_mod_sqrt reachable when parsing certificates Resolves: rhbz2077417 Tenable has extracted the preceding...

7.5 CVSS | 7 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/05/26 12:0 a.m. | 37 views

EulerOS 2.0 SP3 : openssl098e (EulerOS-SA-2022-1754)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli...

7.5 CVSS | 6.8 AI score | 0.06863 EPSS
Exploits 2 | References 2

Tenable Nessus
added 2022/04/25 12:0 a.m. | 29 views

EulerOS 2.0 SP5 : openssl098e (EulerOS-SA-2022-1546)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli...

7.5 CVSS | 6.8 AI score | 0.06863 EPSS
Exploits 2 | References 2