Important: openssl11

Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...

RockyLinux 9 : compat-openssl11 (RLSA-2026:4472)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4472 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...

Important: openssl11

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths,...

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3169 (ALAS-2026-3169)

The version of openssl11 installed on the remote host is prior to 1.1.1zf-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3169 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

Medium: openssl11

Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...

Low: openssl11

Issue Overview: No CVE associated with this advisory Affected Packages: openssl11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssl11 or yum update...