OpenSSL Security Advisory 20260407

OpenSSL Security Advisory 20260407 - Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigge...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-2613)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-GW89-822V-8V8G Duplicate Advisory: `openssl` `X509VerifyParamRef::set_host` buffer over-read

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xcf7-rvmh-g6q4. This link is maintained to preserve external references. Original Description The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1432)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1338)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1275)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2023-0264 Updated nodejs packages fix security vulnerability

This is a security release. As well, it fixes v8 headers detection mga28809 The following CVEs are fixed in this release: CVE-2023-32002: Policies can be bypassed via Module.load High CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire Medium CVE-2023-32559: Policies can ...

MGASA-2023-0226 Updated nodejs packages fix security vulnerability

Current nodejs 14 branch in Mageia 8 is end of life and there are no more security updates. This release allows to move to the new nodejs 18 LTS branch and fixes the following CVEs CVE-2023-30581: mainModule.proto Bypass Experimental Policy Mechanism High CVE-2023-30585: Privilege escalation via...

SA40015 - OpenSSL security advisory for January 8th, 2015 (including SSL "FREAK" issue)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 8th 2015, the OpenSSL project released a security advisory. This advisory included eight 8 new CVEs. This article will describe the vulnerability and fix status for the Puls...

SA40168 - [Pulse Secure] March 1st 2016 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On March 1st 2016 the OpenSSL project announced new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the following link:...

SA40312 - September 22 2016 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On September 22, 2016 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. For a list of supported...

SA44019 - February 26 2019 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On February 26 2019, the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. Refer to KB43892 - What releases will Pulse Secure...

SA44845 - OpenSSL Security Advisory CVE-2021-3450

On March 25 2021, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities per our End of Engineering EOE and End of Life EOL policies. The OpenSSL adviso...

SA44676 - December 08 2020 OpenSSL Security Advisory

Problem On December 08 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities? per our End of Engineering EOE and End of Life EOL policies. The...

AIX OpenSSL Advisory : openssl_advisory11.asc (POODLE)

The version of OpenSSL installed on the remote host is affected by the following vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. CVE-2014-3513 - A man-in-the-middle MitM...