246 matches found
MiracleLinux 9 : compat-openssl11-1.1.1k-4.el9.ML.1 (AXSA:2022-4010:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4010:01 advisory. openssl: Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : openssl-1.0.2k-25.el7 (AXSA:2022-3130:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3130:03 advisory. openssl: Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Tenable has extracted the preceding description block directly from the...
TencentOS Server 3: compat-openssl10 (TSSA-2022:0130)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0130 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: openssl (TSSA-2023:0338)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0338 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Azure Linux 3.0 Security Update: edk2 / openssl (CVE-2022-0778)
The version of edk2 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0778 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loo...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Fedora 37 : openssl1.1 (2022-d6cd1e0cc1)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-d6cd1e0cc1 advisory. Automatic update for openssl1.1-1.1.1n-1.fc37. Changelog Thu Mar 24 2022 Clemens Lang - 1:1.1.1n-1 - Upgrade to version 1.1.1n Resolves: CVE-2022-0778,...
Security Bulletin: IBM Master Data Management is vulnerable to denial of service from a vulnerability found in OpenSSL (CVE-2022-0778)
Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a vulnerability found in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing certificates. By using a specially-crafted certificate with invali...
CBL Mariner 2.0 Security Update: edk2 / openssl (CVE-2022-0778)
The version of edk2 / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0778 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loo...
Photon OS 3.0: Nxtgn PHSA-2022-3.0-0373
An update of the nxtgn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0373. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Nodejs PHSA-2022-3.0-0375
An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0375. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2022-0778 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-0778 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. A patched version of the package is available...
Fortinet Fortigate in OpenSSL library (FG-IR-22-059)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-059 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prim...
Siemens SCALANCE, SIMATIC and RUGGEDCOM Products Command Injection (CVE-2022-0778)
The BNmodsqrt function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve paramete...
CentOS 9 : compat-openssl11-1.1.1k-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the compat- openssl11-1.1.1k-4.el9 build changelog. - Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Note that Nessus has not tested for this issue but has...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Rocky Linux 9 : compat-openssl11 (RLSA-2022:4899)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4899 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function i...
Ubuntu: Security Advisory (USN-6457-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6457-1: Node.js vulnerabilities
Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2022-0778 Elison Niven discovered that Node.js...