11 matches found
AZL-75786 CVE-2025-69419 affecting package openssl 1.1.1k-38
Issue summary: Calling the PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing a non-ASCII BMP code point can trigger a one-byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
MiracleLinux 8 : openssl-1.1.1k-14.el8_10 (AXSA:2026-025:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-025:02 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the MiracleLinux...
Advisory ROSA-SA-2025-3099
Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...
Advisory ROSA-SA-2023-2211
Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-9.rv3.src.rpm CVE-ID: CVE-2021-23840 BDU-ID: 2021-03742 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate functions of the OpenSSL TLS and SSL protocols...
CVE-2022-4450 affecting package openssl 1.1.1k-16
CVE-2022-4450 affecting package openssl 1.1.1k-16. A patched version of the package is available...
SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:0955-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:0955-2 advisory. - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors
Summary There is a security advisory for openSSL1.1.1k which is used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors 4.0.1 Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an...
Ubuntu 18.04 LTS / 20.04 LTS : OpenSSL vulnerabilities (USN-5051-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5051-1 advisory. John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications usi...
OESA-2021-1147 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Security Fixes: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation...
CVE-2021-3449
CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension where it was present in the initial ClientHello, but includes a signature_algorithms_cert extension then a NU...