40 matches found
Security Bulletin: Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System [CVE-2024-6119]
Summary Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server...
CVE-2026-9648
The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...
JLSEC-2026-253 Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server...
Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...
CLEANSTART-2026-GL70025 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Multiple security vulnerabilities affect the argo-cd-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...
MiracleLinux 9 : openssl-3.0.7-28.el9_4.ML.1 (AXSA:2024-8829:06)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8829:06 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : edk2-20231122-6.el9_4.4 (AXSA:2024-8977:11)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8977:11 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the MiracleLinux...
TencentOS Server 4: openssl (TSSA-2024:0532)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0532 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0088)
The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple vulnerabilities: - Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: FIPS: Deny SHA-1 signature verification in FIPS provider bsc1221365. FIPS: RSA keygen PCT requirements. FIPS: Check that the fips provider is available before...
Linux Distros Unpatched Vulnerability : CVE-2024-6119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address...
Siemens SIMATIC and SCALANCE Type Confusion (CVE-2024-6119)
Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service...
K000149304: OpenSSL vulnerability CVE-2024-6119
Security Advisory Description Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an...
F5 Networks BIG-IP : OpenSSL vulnerability (K000149304)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000149304 advisory. Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may...
Astra Linux – Vulnerability in OpenSSL
Issue summary: Applications that perform certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address, resulting in an abnormal termination of the application process. Impact summary: An abnormal termination of an application can cause a...
Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2024-6119
Summary IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2024-6119 caused by an error when performing certificate name checks. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate...
Security Bulletin:cryptography-42.0.7-cp39-abi3-manylinux_2_28_x86_64.whl Vulnerability Affects IBM Data Observability by Databand (CVE-2024-6119)
Summary A vulnerability in cryptography-42.0.7-cp39-abi3-manylinux228x8664.whl was addressed in IBM Data Observability by Databand Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks e.g.,...
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to OpenSSL and libexpat
Summary OpenSSL and Libexpat used by IBM MQ Operator and Queue Manager container images are vulnerable to denial of service due to improper memory allocation, and providing weaker than expected security which might allow an attacker to execute arbitrary code on the system. This bulletin identifie...
Medium: openssl
Issue Overview: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a...
Security Bulletin: z/Transaction Processing Facility is affected by an OpenSSL vulnerability
Summary The z/TPF version of OpenSSL was updated to address the vulnerability described by CVE-2024-6119. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks e.g., TLS clients checking serv...
OESA-2024-2179 openssl security update
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. The project i...