14 matches found
SUSE SLES16 Security Update : openssl-3 (SUSE-SU-2025:21213-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21213-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in...
openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2025:20164-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20164-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm...
SUSE-SU-2025:21224-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...
OPENSUSE-SU-2025:20164-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...
Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2025-1225)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1225 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may...
Ubuntu: Security Advisory (USN-7786-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenSSL 3.2.0 < 3.2.6 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.6 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...
FreeBSD : OpenSSL -- multiple vulnerabilities (00e912c5-9e92-11f0-bc5f-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 00e912c5-9e92-11f0-bc5f-8447094a420f advisory. The OpenSSL project reports reports: Out-of-bounds read & write in RFC 3211 KEK Unwrap Timing...
USN-7786-1 openssl, openssl1.0 vulnerabilities
Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to decrypt CMS messages encrypted with password-based encryption. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-9230 Stanislav Fort discovered that OpenSSL ha...
OpenSSL 3.3.0 < 3.3.5 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.3.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.5 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...
FreeBSD Security Advisory - FreeBSD-SA-25:08.openssl
FreeBSD Security Advisory - FreeBSD includes software from the OpenSSL Project. OpenSSL suffers from some new vulnerabilities. An application trying to decrypt cryptographic message syntax CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. A timing...
FreeBSD-SA-25:08.openssl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:08.openssl Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in OpenSSL Category: contrib Module: openssl Announced: 2025-09-30 Credits:...
OpenSSL 3.4.0 < 3.4.3 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.4.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.3 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...
OpenSSL -- multiple vulnerabilities
The OpenSSL project reports reports: Out-of-bounds read & write in RFC 3211 KEK Unwrap Timing side-channel in SM2 algorithm on 64-bit ARM Fix Out-of-bounds read in HTTP client noproxy handling...