9 matches found
CVE-2026-45784 vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, sdp-k8s-injector, sqlx, typst, komodo, rpm-sequoia, sccache, valkey-ldap, bootc, rustup, guestproxyagent, ztunnel-fips, sentry-cli, vector, deno...
GHSA-PHQJ-4MHP-Q6MQ vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, sdp-k8s-injector, sqlx, typst, komodo, rpm-sequoia, sccache, valkey-ldap, bootc, rustup, guestproxyagent, ztunnel-fips, sentry-cli, vector, deno...
CVE-2026-41898 vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, sdp-k8s-injector, sqlx, typst, komodo, rpm-sequoia, sccache, valkey-ldap, bootc, rustup, guestproxyagent, ztunnel-fips, sentry-cli, vector, deno...
CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
GHSA-X268-QPG6-W9G2 CrateDB has a Client initialized Session-Renegotiation DoS
Summary: Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200. Details: A high-risk vulnerability has been identified where the TLS endpoint port 4200 permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly request...
CVE-2024-37309
CrateDB is a distributed SQL database. A high-risk vulnerability has been identified in versions prior to 5.7.2 where the TLS endpoint port 4200 permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly request renegotiation of security parameter...
DEBIAN-CVE-2015-0204
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...
CVE-2010-2939
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...
Double free
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...