Linux Distros Unpatched Vulnerability : CVE-2021-3712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffe...

GLSA-202209-02 : IBM Spectrum Protect: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-02 IBM Spectrum Protect: Multiple Vulnerabilities - IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale...

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2022-1181)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2022-1088)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2021-2920)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2021:5226 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 For more details about the security...

Oracle Linux 8 : openssl (ELSA-2021-5226)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-5226 advisory. - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings Tenable has extracted the preceding description block directly from the Oracle Linux...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2021-2770)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2021-2717)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-2717)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call...

Amazon Linux AMI : openssl (ALAS-2021-1541)

The version of openssl installed on the remote host is prior to 1.0.2k-16.154. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1541 advisory. It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application in...

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2021:3019-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3019-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2021:2994-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2994-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:2829-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2829-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

Ubuntu 18.04 LTS / 20.04 LTS : OpenSSL vulnerabilities (USN-5051-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5051-1 advisory. John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications usi...

PT-2021-4043

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 1.1.1k OpenSSL versions 1.0.2 through 1.0.2y Description The issue is related to the representation of ASN.1 strings within OpenSSL as an ASN1 STRING structure, which contains a buffer holding the string data and...