EulerOS Virtualization 2.13.1 : shim (EulerOS-SA-2026-2151)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impa...

Important: openssl-snapsafe

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TY...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow or null pointer dereference in pkcs12/p12mutl.c‎. If a user can be convinced to process a malicious PKCS12 file, malicious keylength or salt values can be used to cause a crash. Subsequently, in the case of...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in OpenSSL

Summary Multiple vulnerabilities in OpenSSL used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-3817 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a D...

AIX is vulnerable to a denial of service (CVE-2024-2511 CVE-2024-0727) due to OpenSSL

IBM SECURITY ADVISORY First Issued: Tue Jul 16 15:22:01 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory41.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2024-2511, CVE-2024-0727 due to OpenS...

Security Bulletin: z/Transaction Processing Facility is affected by an OpenSSL vulnerability

Summary The z/TPF version of OpenSSL was updated to address the vulnerability described by CVE-2024-0727. Vulnerability Details CVEID:CVE-2024-0727 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted...

SUSE-SU-2024:0842-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

SUSE-SU-2024:0841-1 Security update for openssl1

This update for openssl1 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

SUSE-SU-2024:0832-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

SUSE-SU-2024:0814-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

Low: openssl

Issue Overview: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack The package openssl098e is provided purely for binary compatibility with older Amazon Linux versions. It does not receive security updates. CVE-2024-0727 Affect...

Low: openssl11

Issue Overview: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack The package openssl098e is provided purely for binary compatibility with older Amazon Linux versions. It does not receive security updates. CVE-2024-0727 Affect...

SUSE-SU-2024:0549-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

Sensitive Data Exposure in pem

Versions of pem before 1.13.2 expose sensitive data when the readPkcs12 is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of 20 random 0-f characters in...

Moderate: Red Hat Security Advisory: openssl security and bug fix update

Updated OpenSSL packages that correct a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 an...