openssl is vulnerable to Improper Authentication. The vulnerability allows applications that use the ‘AES-SIV’ algorithm and want to authenticate empty data entries to be misled by removing adding or reordering empty entries causing the issue.
www.openwall.com/lists/oss-security/2023/07/15/1
www.openwall.com/lists/oss-security/2023/07/19/5
git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598
git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
security.gentoo.org/glsa/202402-08
security.netapp.com/advisory/ntap-20230725-0004/
www.openssl.org/news/secadv/20230714.txt