Download
| Alert*
|
oval:org.secpod.oval:def:87674
A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted ... oval:org.secpod.oval:def:87437 The host is installed with OpenSSL 3.0.0 before 3.0.8 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to handle EVP_PKEY_public_check() function. Successful exploitation could result in application crash which could lead to a denial of serv ... oval:org.secpod.oval:def:87675 A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, ... oval:org.secpod.oval:def:5800144 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * openssl: read buffer overflow in X.509 certificate ve ... oval:org.secpod.oval:def:707930 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:90229 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:19500051 A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the applica ... oval:org.secpod.oval:def:2107989 Oracle Solaris 11 - ( CVE-2023-0215 ) oval:org.secpod.oval:def:2600164 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. oval:org.secpod.oval:def:507561 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: read buffer overflow in X.509 certificate verification * openssl: timing attack in RSA Decryption impleme ... oval:org.secpod.oval:def:124976 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1506446 [3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed U ... oval:org.secpod.oval:def:1506461 [3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed U ... oval:org.secpod.oval:def:125023 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:89048223 This update for openssl-3 fixes the following issues: Security fixes: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data verification . - CVE-2023-0217: Fixed NULL pointer dereference valid ... oval:org.secpod.oval:def:3300295 SUSE Security Update: Security update for openssl-3 |
