23343 matches found
python311-pyOpenSSL-26.1.0-1.1 on GA media (moderate)
python311-pyOpenSSL-26.1.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10646-1 Rating: moderate Cross-References: CVE-2026-40475 CVSS scores: CVE-2026-40475 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-40475 SUSE : 6.8...
CLSA-2026-1777455447 openssl: Fix of CVE-2026-28387
CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...
CVE-2026-41677
A flaw was found in rust-openssl, a library that provides OpenSSL functionalities for Rust applications. The library's password callback functions did not correctly check the size of data provided by a user's callback. This oversight could allow a specially crafted password callback to read beyon...
Fedora 43 : edk2 (2026-a484707720)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a484707720 advisory. unbreak https boot ---- update openssl to 3.5.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
RHSA-2026:10754 Red Hat Security Advisory: RHUI 4.11.4 security update - python-pyOpenSSL
Bulletin has no description...
[SECURITY] Fedora 43 Update: openvpn-2.6.20-1.fc43
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...
[SECURITY] Fedora 43 Update: openssl-3.5.4-3.fc43
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
Fedora 43 : openssl (2026-47fffff581)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-47fffff581 advisory. Backport security patches from OpenSSL 3.5.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Juniper Junos OS Multiple Vulnerabilities (JSA88107)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA88107 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use...
PT-2026-35886
Name of the Vulnerable Software and Affected Versions python-pyOpenSSL versions prior to 26.1.0-1.1 Description Improper input handling of null bytes can lead to silent data truncation and security-state inconsistency. Recommendations Update to version 26.1.0-1.1...
OPENSUSE-SU-2026:10646-1 python311-pyOpenSSL-26.1.0-1.1 on GA media
These are all security issues fixed in the python311-pyOpenSSL-26.1.0-1.1 package on the GA media of openSUSE Tumbleweed...
JLSEC-2026-265 Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the...
Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...
JLSEC-2026-232 openssl-src contains Double free after calling `PEM_read_bio_ex`
The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
JLSEC-2026-251 Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed...
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
JLSEC-2026-218 In situations where an attacker receives automated notification of the success or failure of a...
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted...
JLSEC-2026-264 Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code...
Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...
JLSEC-2026-216 There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with...
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
JLSEC-2026-263 Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file...
Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
JLSEC-2026-256 Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can...
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
JLSEC-2026-219 Null pointer deference in openssl-src
Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...