rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

EUVD-2024-34445

Malicious code in bioql PyPI...

DLA-4176-1 openssl - security update

Bulletin has no description...

Advisory ROSA-SA-2025-2853

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the TLS and SSL OpenSSL protocol toolkit is related to information disclosure...

GHSA-4FC7-MVRR-WV2C vulnerabilities

Vulnerabilities for packages: openssl...

RUSTSEC-2025-0004 ssl::select_next_proto use after free

In openssl versions before 0.10.70, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This coul...

CVE-2024-28885

Observable discrepancy in some IntelR QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

CVE-2024-31074

The CVE affects Intel QAT Engine for OpenSSL. Observable timing discrepancy may disclose information via network access in some Intel QAT Engine for OpenSSL before v1.6.1. Connected advisories indicate fixes are included in QAT Engine 1.7.0, with 1.6.1 release of that line addressing this issue. ...

CVE-2024-33617

Insufficient control flow management in some IntelR QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

DLA-3942-2 openssl - regression update

Bulletin has no description...

CVE-2024-9143 vulnerabilities

Vulnerabilities for packages: openssl-provider-fips, openssl...

DSA-4875-1 openssl - security update

Bulletin has no description...

DLA-2378-1 openssl1.0 - security update

Bulletin has no description...

DLA-1701-1 openssl - security update

Bulletin has no description...

CVE-2014-3511

The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol...

CVE-2011-4108

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack...