JLSEC-2026-246 Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact...

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

K000149306: OpenSSL vulnerability CVE-2024-4603

Security Advisory Description Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or...

Checking excessively long DSA keys or parameters may be very slow

OpenSSL contains an unbounded computation flaw when performing checks on excessively large DSA keys or parameters, which could lead to a denial-of-service DoS attack. The OpenSSL pkey, pkeyparam command line apps, and FIPS providers are affected...

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs18 (CVE-2023-5363)

The version of cloud-hypervisor-cvm / hvloader / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5363 advisory. - Issue summary: A bug has been identified in the processing of key and...

EulerOS Virtualization 3.0.6.6 : shim-signed (EulerOS-SA-2024-1667)

According to the versions of the shim-signed package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very...

CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

CVE-2024-4603 Excessive time spent checking DSA keys and parameters

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

OpenSSL 3.3.0 < 3.3.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.1 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...

ALPINE-CVE-2023-6237

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

AZL-39946 CVE-2023-6237 affecting package openssl for versions less than 3.3.0-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

CVE-2023-6237

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

Ubuntu 18.04 LTS : OpenSSL vulnerabilities (USN-6709-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6709-1 advisory. It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL...

EulerOS Virtualization 2.11.1 : shim (EulerOS-SA-2024-1421)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tri...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1461)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2024-1392)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow...

EulerOS Virtualization 2.10.1 : shim (EulerOS-SA-2024-1371)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow...

EulerOS Virtualization 2.9.1 : shim (EulerOS-SA-2023-3095)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate...

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2024-1093)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact...

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-3039)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck,...

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2023-3225)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck,...