5 matches found
CVE-2026-28389 vulnerabilities
Vulnerabilities for packages: libcrypto3-2.34, openssl...
SUSE SLED15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2026:1386-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1386-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer...
[slackware-security] openssl
New openssl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssl-1.1.1zg-i586-1slack15.0.txz: Upgraded. Apply patch to fix the following security issues: Potential Use-after-free in DANE...
CVE-2026-28389 affecting package openssl for versions less than 3.3.5-5
CVE-2026-28389 affecting package openssl for versions less than 3.3.5-5. A patched version of the package is available...
CVE-2026-28389
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...