NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0049)

The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple vulnerabilities: - Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes...

GHSA-V8QH-5C5W-48PP vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2025-4575 vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-V8QH-5C5W-48PP vulnerabilities

Vulnerabilities for packages: openssl...

Alibaba Cloud Linux 3 : 0148: openssl (ALINUX3-SA-2022:0148)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0148 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1292: The crehash script does not...

Alibaba Cloud Linux 3 : 0006: openssl (ALINUX3-SA-2021:0006)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0006 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-1971: The X.509 GeneralName type is a...

Alibaba Cloud Linux 3 : 0025: openssl (ALINUX3-SA-2022:0025)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0025 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-1543: ChaCha20-Poly1305 is an AEA...

Alibaba Cloud Linux 3 : 0021: openssl (ALINUX3-SA-2021:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3449: An OpenSSL TLS server may...

Alibaba Cloud Linux 3 : 0033: openssl (ALINUX3-SA-2023:0033)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0033 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-4304: A timing based side channel...

Advisory ROSA-SA-2025-2858

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

Advisory ROSA-SA-2025-2857

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

Important: Red Hat Security Advisory: ACS 4.5 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. This release of RHACS includes the following bug fix: Fixed a bug to match the aggregation field of the compliance tables to the widgets for consistency. This release also addresses the following security vulnerabilitie...

Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in OpenSSH and OpenSSL affect IBM Storage Virtualize products and could allow arbitrary code execution, authentication bypass and denial of service. CVE-2024-6387 CVE-2024-6409 CVE-2023-2975 CVE-2023-3446 CVE-2023-3817 CVE-2023-5678. Vulnerability Details CVEID:CVE-2024-63...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.8 LTS and 12.8.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

Security Bulletin: Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP

Summary There are multiple vulnerabilities in the OpenSSL library used by IBM Sterling Connect:Direct for HP NonStop. IBM Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-0466 DESCRIPTION: The function X509VERIFYPARAMadd0policy is...

Security Bulletin: Mulltiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop

Summary There are multiple vulnerabilities in the OpenSSL library used by IBM Sterling Connect:Direct for HP NonStop. IBM Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing based side channel exists in the...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors

Summary OpenSSL is used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors for Network Transport. CVE-2024-9143 is identified as a potential risk for products using older versions of OpenSLL. These potential risks are resolved by updating IBM Tivoli Netcool System Service...

RLSA-2024:9088 Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest [CVE-2024-4741, CVE-2024-2511, CVE-2024-5535, CVE-2024-4603, CVE-2024-6119]

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed mutiple CVEs. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when...

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2024-4741, CVE-2024-2511, CVE-2024-5535, CVE-2024-4603, CVE-2024-6119 Vulnerability Details CVEID:CVE-2024-4741 DESCRIPTION: OpenSSL could allow a remote attacker to execute...