Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Question Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability CVE-2016-8610 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"Al...

GHSA-537C-GMF6-5CCF Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If yo...

EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2026-2412)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can...

GHSA-Q457-VX59-3FQG vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-H2CC-WX97-XP8V vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2026-42769 vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-VGXX-5XJ5-Q97X vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2026-28386 vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-GXHG-7JX8-M22J vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-5PG7-F6XV-J6M4 vulnerabilities

Vulnerabilities for packages: openssl...

GHSA-5M8F-M8JV-3RP3 vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2026-34183 vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2026-28390 vulnerabilities

Vulnerabilities for packages: openssl...

openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...

openssl: AES-OCB IV Ignored on EVP_Cipher() Path

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

GHSA-VC8W-W49C-4JGJ vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

GHSA-RPJ2-P5PJ-R33V vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

GHSA-5M8F-M8JV-3RP3 vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

GHSA-F5VX-F6JP-89J6 vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...