SA40001 - [Pulse Secure] OpenSSL security advisory for March 19th, 2015

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On March 19th the OpenSSL project released a new security advisory. This advisory can be viewed here: http://openssl.org/news/secadv20150319.txt All products are not vulnerable to the...

SA40002 - [Pulse Secure] June 11th 2015 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 11th, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the following...

SA40145 - [Pulse Secure] January 28th 2016 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 28th 2016 the OpenSSL project announced two new security advisories. The OpenSSL advisory can be found at the following link: https://www.openssl.org/news/secadv/20160128.tx...

SA40100 - [Pulse Secure] December 3rd 2015 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On December 3rd, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the followin...

SA40423 - January 26, 2017 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 26, 2017 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. For a list of supported...

SA40425 - February 16, 2017 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On February 16, 2017 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. For a list of supported...

SA44440 - April 21 2020 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On April 21 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to...

SA44846 - OpenSSL Security Advisory CVE-2021-23841

On February 16 2021, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities per our End of Engineering EOE and End of Life EOL policies. The OpenSSL...

SA45470 - OpenSSL Security Advisory CVE-2021-4154

Last Modified Date 21.04.2025 09:02:45...

OpenSSL Fixes Multiple New Security Flaws with Latest Update

The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an...

GHSA-R7JW-WP68-3XCH vulnerabilities

Vulnerabilities for packages: openssl...

SUSE-SU-2023:0308-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534...

SUSE-SU-2023:0306-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534....

SUSE-SU-2023:0305-2 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534...

SUSE-SU-2022:4586-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2022-3996: Fixed X.509 Policy Constraints Double Locking bsc1206374...

CVE-2021-3601

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes:...

MGASA-2022-0255 Updated openssl packages fix security vulnerability

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

SUSE-SU-2022:2309-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in crehash. bsc1200550 - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode. bsc1201099...

SUSE-SU-2022:2251-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2022-1292: Fixed command injection in crehash bsc1199166. - CVE-2022-2068: Fixed more shell code injection issues in crehash. bsc1200550...

SUSE-SU-2022:2197-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2022-1292: Fixed command injection in crehash bsc1199166. - CVE-2022-2068: Fixed more shell code injection issues in crehash. bsc1200550...