MiracleLinux 4 : openssl-1.0.0-20.AXS4.1 (AXSA:2012-76:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-76:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

USN-6673-2 python-cryptography vulnerability

USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding i...

USN-6673-1 python-cryptography vulnerabilities

Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. CVE-2023-50782 It was discovered that...

PT-2024-5790 · Openssl +6 · Openssl +6

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 8.1.29 PHP versions prior to 8.2.20 PHP versions prior to 8.3.8 Description: The issue is related to the openssl private decrypt function in PHP when using PKCS1 padding, which is the default. This makes PHP vulnerable t...

BSA-2022-765

Security Advisory ID : BSA-2022-765 Component : OpenSSL Revision : 1.0 If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0-byte record is...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...