5 matches found
Astra Linux – Vulnerability in OpenSSL
A security vulnerability has been identified in all supported versions of OpenSSL, related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use o...
OESA-2024-1136 nodejs security update
Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include polic...
Medium: openssl
Issue Overview: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers...
OpenSSL 3.0.0 < 3.0.9 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.9 advisory. - The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate...
[ASA-201910-12] go: denial of service
Arch Linux Security Advisory ASA-201910-12 ========================================== Severity: Medium Date : 2019-10-21 CVE-ID : CVE-2019-17596 Package : go Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1051 Summary ======= The package go before version 2:1.13.3...