52 matches found
CLSA-2026-1776427525 golang: Fix of 3 CVEs
CVE-2025-61723: fix non-linear processing time when parsing invalid PEM inputs that could lead to denial of service - CVE-2025-58187: fix quadratic complexity when checking name constraints in crypto/x509 certificate validation - CVE-2025-58188: fix panic when validating certificates with DSA...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-078 (ALASECS-2025-078)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-078 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values...
Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1270)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1270 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2025-1271)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1271 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...
Important: rclone
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
AZL-78915 CVE-2025-58188 affecting package golang 1.25.7-1
Validating certificate chains which contain DSA public keys can cause programs to panic, due to an interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains...
CVE-2025-58188
CVE-2025-58188 (panic on validating certificate chains with DSA keys) is confirmed in an F5 advisory tied to BIG-IP Next for Kubernetes. Affected component set includes TMM, f5-dwbld, and f5-downloader; the root cause is a cast assuming an Equal method when validating certificate chains containin...
EUVD-2009-0034
Malware in sbrugna...
K000149306: OpenSSL vulnerability CVE-2024-4603
Security Advisory Description Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or EVP_PKEY_public_check to check a DSA public key or DSA parameters may experience long delays. Where the key or...
Low: Red Hat Security Advisory: openssl and openssl-fips-provider security update
An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Checking excessively long DSA keys or parameters may be very slow
OpenSSL contains an unbounded computation flaw when performing checks on excessively large DSA keys or parameters, which could lead to a denial-of-service (DoS) attack. The OpenSSL pkey, pkeyparam command line apps, and FIPS providers are affected...
Low: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511); openssl: Excessive time...
ALSA-2024:9333 Low: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511); openssl: Excessive time...
Ubuntu: Security Advisory (USN-6937-1)
The remote host is missing an update for the...
USN-6937-1: OpenSSL vulnerabilities
It was discovered that OpenSSL incorrectly handled TLSv1.3 sessions when certain non-default TLS server configurations were in use. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2024-2511) It was discovered that OpenSSL...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : OpenSSL vulnerabilities (USN-6937-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6937-1 advisory. It was discovered that OpenSSL incorrectly handled TLSv1.3 sessions when certain non-default TLS server configurations were in us...
CentOS 9 : openssl-3.2.2-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.2.2-1.el9 build changelog. - Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact...
Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent checking DSA keys and parameters (CVE-2024-4603). Use After Free with SSL_free_buffers (CVE-2024-4741)...
MGASA-2024-0200 Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent checking DSA keys and parameters (CVE-2024-4603). Use After Free with SSL_free_buffers (CVE-2024-4741)...
FreeBSD : OpenSSL -- Denial of Service vulnerability (b88aa380-1442-11ef-a490-84a93843eb75)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b88aa380-1442-11ef-a490-84a93843eb75 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary:...