149 matches found
CVE-2022-43507
Improper buffer restrictions in the IntelR QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
CVE-2025-0306
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service. Mitigation See the following possible...
PT-2026-4943
Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.5 and 3.6 Description The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. This can lead a user to believe an entire file ...
BIT-NODE-MIN-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT
The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...
BIT-NODE-MIN-2022-3602 X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups DHEATATTACK bsc1230698 Patch Instructions: To install this SUSE update use the SUSE recommended...
bitcoin-harness (=0.1.0), bitcoin_rpc_client (>=0.5.0 <=0.6.1) +80 more potentially affected by unknown CVE via openssl (>=0.10.22 <=0.10.57)
openssl CARGO version =0.10.22, =0.5.0, =0.2.0, =0.0.0, =0.0.1, =0.3.3, =0.6.25, =0.1.0-alpha.0, =0.1.24, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.38.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-Q445-7M23-QRMW...
AIX is vulnerable to a denial of service (CVE-2024-2511 CVE-2024-0727) due to OpenSSL
IBM SECURITY ADVISORY First Issued: Tue Jul 16 15:22:01 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory41.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2024-2511, CVE-2024-0727 due to OpenS...
AZL-42616 CVE-2024-2408 affecting package php for versions less than 8.3.8-1
The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...
CVE-2024-2408
The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...
CVE-2024-2408 PHP is vulnerable to the Marvin Attack
The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...
OpenSSL 0.9.7 < 0.9.7h Vulnerability
The version of OpenSSL installed on the remote host is prior to 0.9.7h. It is, therefore, affected by a vulnerability as referenced in the 0.9.7h advisory. - The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option,...
OpenSSL 3.2.0 < 3.2.2 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.2 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...
OpenSSL 3.2.0 < 3.2.1 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.1 advisory. - Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service...
bitcoin-harness (=0.1.0), bitcoin_rpc_client (>=0.5.0 <=0.6.1) +80 more potentially affected by unknown CVE via openssl (>=0.10.22 <=0.10.57)
openssl CARGO version =0.10.22, =0.5.0, =0.2.0, =0.0.0, =0.0.1, =0.3.3, =0.6.25, =0.1.0-alpha.0, =0.1.24, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.38.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0072...
OpenSSL 3.0.0 < 3.0.10 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.0.10. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.10 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functio...
ALPINE-CVE-2023-2650
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in libcurl (CVE-2022-32221)
Summary A vulnerability in libcurl used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2022-32221 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when using the read callback CURLOPTREADFUNCTION to ask for...