openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2025-14575

An Uncontrolled Search Path Element vulnerability affects the Qt Network (qtbase) OpenSSL TLS backend in the Qt Framework (Unix). A crafted certificate file placed in the application’s working directory can cause the loading of a rogue CA certificate as a trusted system authority. Local attacker ...

EUVD-2025-209891

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

Moderate: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

CLSA-2026-1779179759 Update of openssl

Rebuilt els9 for FIPS review...

Fedora 43 : rust-oo7-cli (2026-9695dd338f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9695dd338f advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 44 : rust-ingredients (2026-6b01755e7d)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6b01755e7d advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-317...

Fedora 44 : rust-sevctl (2026-941244e8ee)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-941244e8ee advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

RHEL 10 : openssl (RHSA-2026:19066)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19066 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

Fedora 43 : rust-rpki (2026-f55df93b17)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f55df93b17 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 43 : rust-tealdeer (2026-95cc69e19a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-95cc69e19a advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 43 : rust-sevctl (2026-72a1f0b109)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-72a1f0b109 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

RHEL 9 : compat-openssl11 (RHSA-2026:19187)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19187 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from th...

Fedora 44 : rust-oo7-cli (2026-8e53f4aa95)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8e53f4aa95 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...