21 matches found
SUSE SLES12 Security Update : python-pyOpenSSL (SUSE-SU-2024:3749-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3749-1 advisory. - Fixed error caused by a regression in fix for CVE-2018-1000807 bsc1231700 Tenable has extracted the preceding description block directly...
SUSE: Security Advisory (SUSE-SU-2024:3749-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issues: Fixed error caused by a regression in fix for CVE-2018-1000807 bsc1231700 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
SUSE-SU-2024:3749-1 Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issues: - Fixed error caused by a regression in fix for CVE-2018-1000807 bsc1231700...
SUSE: Security Advisory (SUSE-SU-2024:1626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : python-pyOpenSSL (SUSE-SU-2024:1626-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1626-1 advisory. - CVE-2018-1000807: Fixed a use-after-free in X509 object handling bsc1111635 - CVE-2018-1000808: Fixed a use-after-free in PKCS 12...
RHEL 8 : pyopenssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pyOpenSSL: Use-after-free in X509 object handling CVE-2018-1000807 - Python Cryptographic Authority...
RHEL 7 : pyOpenSSL (RHSA-2019:0085)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...
Huawei EulerOS: Security Advisory for pyOpenSSL (EulerOS-SA-2023-1283)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : pyOpenSSL (EulerOS-SA-2023-1283)
According to the versions of the pyOpenSSL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X5...
SUSE: Security Advisory (SUSE-SU-2018:4063-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python-cryptography, python-pyOpenSSL (openSUSE-SU-2019:1104-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : python-cryptography / python-pyOpenSSL (openSUSE-2019-1104)
This update for python-cryptography, python-pyOpenSSL fixes the following issues : Security issues fixed : - CVE-2018-1000808: A memory leak due to missing reference checking in PKCS12 store handling was fixed bsc1111634 - CVE-2018-1000807: A use-after-free in X509 object handling was fixed...
Moderate: Red Hat Security Advisory: pyOpenSSL security and bug fix update
An update for pyOpenSSL is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Ubuntu: Security Advisory (USN-3813-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : pyOpenSSL vulnerabilities (USN-3813-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3813-1 advisory. It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to cras...
USN-3813-1: pyOpenSSL vulnerabilities
It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000807 It was discovered that pyOpenSSL incorrectly handled...
burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)
pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:GHSA-P28M-34F6-967Q...
burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)
pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:PYSEC-2018-23...
CVE-2018-1000807
CVE-2018-1000807 concerns Python-pyOpenSSL before 17.5.0, with a CWE-416 Use-After-Free in X509 object handling that can lead to denial of service or remote code execution. The vulnerability is reported as fixed in 17.5.0. Connected sources (SUSE-SU-2024:1626-1; SUSE-SU-2024:3749-1; OSV entries) ...