16 matches found
SUSE SLES12 Security Update : python-pyOpenSSL (SUSE-SU-2024:1626-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1626-1 advisory. - CVE-2018-1000807: Fixed a use-after-free in X509 object handling bsc1111635 - CVE-2018-1000808: Fixed a use-after-free in PKCS 12...
SUSE: Security Advisory (SUSE-SU-2024:1626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : pyOpenSSL (RHSA-2019:0085)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...
Huawei EulerOS: Security Advisory for pyOpenSSL (EulerOS-SA-2023-1283)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : pyOpenSSL (EulerOS-SA-2023-1283)
According to the versions of the pyOpenSSL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X5...
SUSE: Security Advisory (SUSE-SU-2018:4063-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-cryptography / python-pyOpenSSL (openSUSE-2019-1104)
This update for python-cryptography, python-pyOpenSSL fixes the following issues : Security issues fixed : - CVE-2018-1000808: A memory leak due to missing reference checking in PKCS12 store handling was fixed bsc1111634 - CVE-2018-1000807: A use-after-free in X509 object handling was fixed...
openSUSE: Security Advisory for python-cryptography, python-pyOpenSSL (openSUSE-SU-2019:1104-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: pyOpenSSL security and bug fix update
An update for pyOpenSSL is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Ubuntu 16.04 LTS : pyOpenSSL vulnerabilities (USN-3813-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3813-1 advisory. It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to cras...
Ubuntu: Security Advisory (USN-3813-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3813-1: pyOpenSSL vulnerabilities
It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000807 It was discovered that pyOpenSSL incorrectly handled...
burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)
pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000808 Source advisory: OSV:GHSA-2RCM-PHC9-3945...
burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)
pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000808 Source advisory: OSV:PYSEC-2018-24...
CVE-2018-1000808
CVE-2018-1000808 affects Python Cryptographic Authority pyopenssl prior to 17.5.0, describing a CWE-401 use-after-free in PKCS#12 Store handling that can lead to a Denial of Service when memory is constrained. The issue arises when loading/reloading certificates from PKCS#12, potentially triggere...
UBUNTU-CVE-2018-1000808
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...