Astra Linux - уязвимость в openssl

Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DHcheckpubkey,...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-6.el8_9.3 (AXSA:2024-7542:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7542:02 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 Tenable has extracted the preceding description block directly from the...

EUVD-2023-57969

Malicious code in bioql PyPI...

OESA-2025-1802 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications th...

Linux Distros Unpatched Vulnerability : CVE-2023-3446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or...

Oracle Linux 9 : openssl / and / openssl-fips-provider (ELSA-2024-9333)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9333 advisory. - Fix CVE-2024-6119: Possible denial of service in X.509 name checks Resolves: RHEL-55339 - Fix CVE-2024-5535: SSLselectnextproto buffer overread...

Security Bulletin: IBM Master Data Management is vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL (CVE-2023-3446)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...

Security Bulletin: IBM Master Data Management is vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL (CVE-2023-3817)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a denial of service from a flaw in DH keys or parameters in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs (CVE-2023-5678)

The version of cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5678 advisory. - Issue summary: Generating...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1876)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that...

EulerOS Virtualization 3.0.6.6 : shim (EulerOS-SA-2024-1666)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions...

EulerOS Virtualization 3.0.6.6 : openssl098e (EulerOS-SA-2024-1661)

According to the versions of the openssl098e package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1706)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2024-1660)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...

EulerOS Virtualization 3.0.6.6 : shim-signed (EulerOS-SA-2024-1667)

According to the versions of the shim-signed package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very...

Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2024-1675)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2024-1695)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very...

Huawei EulerOS: Security Advisory for shim-signed (EulerOS-SA-2024-1667)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1660)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for linux-sgx (EulerOS-SA-2024-1596)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...