40 matches found

Tenable Nessus
added 2025/02/10 12:0 a.m. | 3 views

Azure Linux 3.0 Security Update: edk2 / hvloader / openssl / rust (CVE-2023-2650)

The version of edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2650 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data...

CVSS 6.5 | AI score 7 | EPSS 0.91789
Exploits: 0 | References: 2

OSV
added 2024/03/01 11:7 a.m. | 1 views

OESA-2024-1225 shim security update

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...

CVSS 6.5 | AI score 8.6 | EPSS 0.91789
Exploits: 0 | References: 5

Tenable Nessus
added 2024/01/16 12:0 a.m. | 15 views

EulerOS 2.0 SP10 : shim (EulerOS-SA-2023-2825)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications th...

CVSS 6.5 | AI score 7 | EPSS 0.91789
Exploits: 0 | References: 2

Tenable Nessus
added 2023/11/16 12:0 a.m. | 34 views

Oracle Linux 9 : edk2 (ELSA-2023-6330)

The remote Oracle Linux 9 host has packages installed that are affected by a denial of service vulnerability as referenced in the ELSA-2023-6330 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary:...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 2

OpenVAS
added 2023/10/31 12:0 a.m. | 23 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3058)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 7.2 | EPSS 0.91789
Exploits: 0 | References: 2

OpenVAS
added 2023/10/31 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3075)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 7.2 | EPSS 0.91789
Exploits: 0 | References: 2

OpenVAS
added 2023/09/20 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2835)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 7.6 | EPSS 0.91789
Exploits: 0 | References: 2

Tenable Nessus
added 2023/09/01 12:0 a.m. | 44 views

Oracle Linux 9 : openssl (ELSA-2023-12768)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12768 advisory. 3.0.7-16.0.1 - Replace upstream references Orabug: 34340177 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 7.5 | AI score 6.8 | EPSS 0.91789
Exploits: 0 | References: 6

Tenable Nessus
added 2023/07/01 12:0 a.m. | 32 views

Amazon Linux 2 : openssl11 (ALAS-2023-2097)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2097 advisory. Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 4

Amazon
added 2023/06/27 12:0 a.m. | 11 views

Medium: openssl

Issue Overview: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0

F5 Networks
added 2023/06/22 5:57 p.m. | 43 views

K000135178: OpenSSL vulnerability CVE-2023-2650

Security Advisory Description Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message...

CVSS 6.5 | AI score 7.1 | EPSS 0.91789
Exploits: 0 | Affected Software: 16

OSV
added 2023/06/20 5:27 p.m. | 1 views

CLSA-2023-1687282015 Fix CVE(s): CVE-2023-2650

SECURITY UPDATE: Potential denial of service in OBJ_obj2txt translation - debian/patches/CVE-2023-2650.patch: Restrict size that OBJ_obj2txt will translate to canonical numeric text form is added, based on RFC 2578 - CVE-2023-2650...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 1

OSV
added 2023/06/20 1:54 p.m. | 4 views

CLSA-2023-1687269261 openssl: Fix of CVE-2023-2650

CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests...

CVSS 6.5 | AI score 6.8 | EPSS 0.91789
Exploits: 0 | References: 1

OSV
added 2023/06/20 1:49 p.m. | 1 views

CLSA-2023-1687268961 openssl: Fix of CVE-2023-2650

CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests...

CVSS 6.5 | AI score 6.8 | EPSS 0.91789
Exploits: 0 | References: 1

OSV
added 2023/06/17 11:5 a.m. | 1 views

OESA-2023-1356 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Security Fixes: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary:...

CVSS 6.5 | AI score 8.8 | EPSS 0.91789
Exploits: 0 | References: 2

Veracode
added 2023/06/05 2:4 a.m. | 37 views

Denial Of Service (DoS)

openssl is vulnerable to Denial of Service (DoS). The vulnerability causes applications that use 'OBJ_obj2txt' directly, or that use any OpenSSL subsystem with no message size limit, to experience notable to very long delays when processing those messages, which may lead to a Denial of Service...

CVSS 6.5 | AI score 6.8 | EPSS 0.91789
Exploits: 0 | References: 17 | Affected Software: 4

Tenable Nessus
added 2023/05/31 12:0 a.m. | 32 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2023:2327-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2327-1 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary:...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 4

OSV
added 2023/05/30 2:15 p.m. | 1 views

AZL-37674 CVE-2023-2650 affecting package hvloader for versions less than 1.0.1-9

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

CVSS 6.5 | AI score 6.6 | EPSS 0.91789
Exploits: 0 | References: 1

Vulnrichment
added 2023/05/30 1:40 p.m. | 3 views

CVE-2023-2650 Possible DoS translating ASN.1 object identifiers

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 12

SUSE CVE
added 2023/02/15 5:28 a.m. | 1 views

SUSE CVE-2014-3508

The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process...

CVSS 4.3 | AI score 8.5 | EPSS 0.03123
Exploits: 0 | References: 19