RHEL 5 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

RHEL 7 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

RHEL 6 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

SUSE: Security Advisory (SUSE-SU-2024:1626-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : python-pyOpenSSL (SUSE-SU-2024:1626-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1626-1 advisory. - Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509...

SUSE-SU-2024:1626-1 Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issues: - CVE-2018-1000807: Fixed a use-after-free in X509 object handling bsc1111635 - CVE-2018-1000808: Fixed a use-after-free in PKCS 12 Store bsc1111634...

RHEL 7 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

RHEL 8 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pyOpenSSL: Use-after-free in X509 object handling CVE-2018-1000807 - Python Cryptographic Authority...

RHEL 5 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

RHEL 6 : pyopenssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyOpenSSL: Failure to release memory before removing last reference in PKCS 12 Store CVE-2018-1000808 Note that...

RHEL 7 : pyOpenSSL (RHSA-2019:0085)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...

K15151: pyOpenSSL vulnerability CVE-2013-4314

Security Advisory Description The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

SUSE CVE-2016-9015

Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. Thi...

SUSE CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...

SUSE CVE-2018-1000808

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...

Huawei EulerOS: Security Advisory for pyOpenSSL (EulerOS-SA-2023-1283)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : pyOpenSSL (EulerOS-SA-2023-1283)

According to the versions of the pyOpenSSL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X5...

Exploit for CVE-2022-1040

Environment In Python Environment3.10 python3.10 It...

pcs security update

0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...

GHSA-6748-36QP-FX6R PyOpenSSL Mishandles NUL Byte In Certificate Subject Alternative Name

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a \0 character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certificati...