CentOS 9 : openssl-3.0.7-18.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.0.7-18.el9 build changelog. - Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may...

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-051)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-051 advisory. The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates...

Amazon Linux 2022 : openssl (ALAS2022-2022-104)

The version of openssl installed on the remote host is prior to 3.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-104 advisory. The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is...

ALSA-2022:6224 Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: crehash script allows command injection CVE-2022-1292 openssl: Signer certificate verification...

GHSA-MFM6-R9G2-Q4R7 `OCSP_basic_verify` may incorrectly verify the response signing certificate

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

CVE-2022-1343

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

RUSTSEC-2022-0027 `OCSP_basic_verify` may incorrectly verify the response signing certificate

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

CVE-2022-1343

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...