CVE-2026-35188 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-42764 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-34180 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-34183 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-42768 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-42769 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-42770 vulnerabilities

Vulnerabilities for packages: openssl-provider-fips-3.6.0, openssl-provider-fips-3.1.2, libcrypto3-2.34, openssl, openssl-provider-fips...

CVE-2026-45445 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

CVE-2026-45446 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-5PG7-F6XV-J6M4 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-F684-CPCQ-J565 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-F5VX-F6JP-89J6 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-4JGC-CJ59-F9MM vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-5M8F-M8JV-3RP3 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-58MV-QQMV-GQGV vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

GHSA-7PHF-QPM5-Q6P3 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX X9.42 peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This...

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

openssl: Possible NULL Dereference in Password-Based CMS Decryption

A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax CMS decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional...