4 matches found
CLSA-2026-1777999127 Fix CVE(s): CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390
SECURITY UPDATE: fix UAF/double-free in DANE client by using X509free for dane-mcert - debian/patches/CVE-2026-28387.patch: fix UAF/double-free in DANE client by using X509free for dane-mcert - CVE-2026-28387 SECURITY UPDATE: NULL check delta-crlnumber before ASN1INTEGERcmp in checkdeltabase -...
CLSA-2026-1777567502 openssl: Fix of CVE-2026-28387
CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...
CLSA-2026-1777542789 openssl: Fix of CVE-2026-28387
CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...
PT-2022-25320 · Samsung · Samsung Tizenrt
Name of the Vulnerable Software and Affected Versions: Samsung TizenRT versions 3.0 GBM through 3.1 PRE Description: An issue in the cyassl connect step2 function in curl/vtls/cyassl.c leads to information disclosure due to a missing X509 free after SSL get peer certificate. Recommendations: For...