compat-openssl11 security update

An update is available for compat-openssl11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSSL toolkit provides support for secure communications betwe...

RockyLinux 9 : compat-openssl11 (RLSA-2026:19187)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19187 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)

The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE:...

RHEL 9 : compat-openssl11 (RHSA-2025:7937)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7937 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

Oracle Linux 9 : compat-openssl11 (ELSA-2025-7937)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-7937 advisory. 1:1.1.1k-5.1 - Fixes cve-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-88969 1:1.1.1k-5 - Update expired certificates used in the...

AlmaLinux 9 : compat-openssl11 (ALSA-2025:7937)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7937 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 Tenable has extracted the preceding description block directly from the AlmaLinux security...

RHSA-2025:7937 Red Hat Security Advisory: compat-openssl11 security update

Bulletin has no description...

RHSA-2025:7733 Red Hat Security Advisory: compat-openssl11 security update

Bulletin has no description...

RHEL 9 : compat-openssl11 (RHSA-2025:7733)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7733 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

Medium: openssl11

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

RHSA-2022:4899 Red Hat Security Advisory: compat-openssl11 security and bug fix update

Bulletin has no description...

Important: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.9.6

Important Logging for Red Hat OpenShift - 5.9.6 Logging for Red Hat OpenShift - 5.9.6 cluster-logging-rhel9-operator: compat-openssl11CVE-2023-0286...

Amazon Linux 2 : openssl11 (ALAS-2024-2605)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2605 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Medium: openssl11

Issue Overview: openssl: Use After Free with SSLfreebuffers CVE-2024-4741 Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a...

Amazon Linux 2 : openssl11 (ALAS-2024-2621)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2621 advisory. openssl: Use After Free with SSLfreebuffers CVE-2024-4741 Issue summary: Calling the OpenSSL API function...

Low: openssl11

Issue Overview: No CVE associated with this advisory Affected Packages: openssl11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssl11 to update you...

Amazon Linux 2 : openssl11 (ALAS-2024-2564)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2564 advisory. Issue summary: Some non-default TLS server configurations can cause unboundedmemory growth when processing TLSv1.3 sessions...

Medium: openssl11

Issue Overview: Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem...

Amazon Linux 2 : openssl11 (ALAS-2024-2478)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2478 advisory. Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack The...

CentOS 9 : compat-openssl11-1.1.1k-4.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the compat- openssl11-1.1.1k-4.el9 build changelog. - Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Note that Nessus has not tested for this issue but has...