14 matches found
SUSE SLES12: clamav / clamav-devel / clamav-docs-html / clamav-milter / etc (SUSE-SU-2026:2833-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2833-1 advisory. This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to...
SUSE-SU-2026:2834-1 Security update for clamav
This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. - CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...
SUSE SLED15: cryptsetup / cryptsetup-doc / cryptsetup-lang / cryptsetup-ssh / etc (SUSE-SU-2026:2777-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2777-1 advisory. This update for cryptsetup, s390-tools fixes the following issue Security fixes: - CVE-2026-41676: openssl:...
SUSE CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
Security Bulletin: IBM Edge Data Collector uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681
Summary IBM Edge Data Collector Component uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provide...
Fedora 44 : rust-coreos-installer (2026-eeb94c0e5e)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-eeb94c0e5e advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 44 : rust-rpki (2026-aac0adf7f7)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-aac0adf7f7 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 43 : rust-oo7-cli (2026-9695dd338f)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9695dd338f advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 44 : rust-oo7-cli (2026-8e53f4aa95)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8e53f4aa95 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
CVE-2026-41676 vulnerabilities
Vulnerabilities for packages: guestproxyagent, bootc, typst, deno, rustls-openssl-client, sdp-k8s-injector, rpm-sequoia, komodo, ztunnel-fips, rustup, sccache, sqlx, valkey-ldap, vector, sentry-cli...