[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:89049022
This update for openssl-1_1 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x ...

oval:org.secpod.oval:def:89048483
This update for openssl fixes the following issues: * CVE-2022-4304: Fixed timing Oracle in RSA Decryption .

oval:org.secpod.oval:def:87432
The host is installed with OpenSSL 1.0.2 before 1.0.2zg, 1.1.1 before 1.1.1t or 3.0.0 before 3.0.8 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle RSA decryption implementation. Successful exploitation allows attackers to decrypt the applicat ...

oval:org.secpod.oval:def:87671
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be c ...

oval:org.secpod.oval:def:87672
A double-free vulnerability was found in OpenSSL's PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (for example, "CERTIFICATE"), any header data, and the payload data. If the function succeeds, then the "name_out," "header," and ...

oval:org.secpod.oval:def:89048995
This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * Update further expiring certificates t ...

oval:org.secpod.oval:def:87669
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages fo ...

oval:org.secpod.oval:def:89048992
This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case .

oval:org.secpod.oval:def:89048991
This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * Update further expiring certificates t ...

oval:org.secpod.oval:def:89048989
This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * Update further expiring certificates t ...

oval:org.secpod.oval:def:5800144
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * openssl: read buffer overflow in X.509 certificate ve ...

oval:org.secpod.oval:def:2600217
EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

oval:org.secpod.oval:def:507580
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * openssl: timing attack in RSA Decryption implementati ...

oval:org.secpod.oval:def:90229
The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base

oval:org.secpod.oval:def:708682
nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js.

oval:org.secpod.oval:def:96801
nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js.

oval:org.secpod.oval:def:124976
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:89048218
This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex . - CVE-2022-4304: F ...

oval:org.secpod.oval:def:1506461
[3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed U ...

oval:org.secpod.oval:def:2501029
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

oval:org.secpod.oval:def:1506783
[20220126gitbb1bba3d77-4] - edk2-openssl-update.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581] - edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581] - Resolves: bz#2164531 - Resolves: bz#2164543 - Resolves: bz#2164558 - Resolves: bz#21 ...

oval:org.secpod.oval:def:89048533
This update for openssl fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed . * CVE-2023-0215: Fixed a use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed a timing oracle in RSA decryption . The following non-security bug were fixed: * ...

oval:org.secpod.oval:def:89948
The remote host is missing a patch 151913-22 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:125023
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:89048213
This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4304: Fixed timing Oracle in RSA Decryption .

oval:org.secpod.oval:def:1701141
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages fo ...

oval:org.secpod.oval:def:1701140
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages fo ...

oval:org.secpod.oval:def:87448
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.

oval:org.secpod.oval:def:89048211
This update for openssl-1_0_0 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4304: Fixed timing Oracle in RSA Decryption .

oval:org.secpod.oval:def:1506546
[1:1.1.1k-9] - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-02 ...

oval:org.secpod.oval:def:3300295
SUSE Security Update: Security update for openssl-3

oval:org.secpod.oval:def:2501065
EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

oval:org.secpod.oval:def:89344
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in incomplete encryption, side channel attacks, denial of service or information disclosure. Additional details can be found in the upstream advisories at https://www.openssl.org/news/secadv/20 ...

oval:org.secpod.oval:def:2107989
Oracle Solaris 11 - ( CVE-2023-0215 )

oval:org.secpod.oval:def:4501396
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * openssl: timing attack in RSA Decryption implementati ...

oval:org.secpod.oval:def:507715
EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * openssl: timing attack in RSA Decryption implementation * openssl: double free after cal ...

oval:org.secpod.oval:def:1601638
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages fo ...

oval:org.secpod.oval:def:3300323
SUSE Security Update: Security update for openssl-1_0_0

oval:org.secpod.oval:def:707930
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.

oval:org.secpod.oval:def:610380
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in incomplete encryption, side channel attacks, denial of service or information disclosure. Additional details can be found in the upstream advisories at https://www.openssl.org/news/secadv/20 ...

oval:org.secpod.oval:def:507561
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: read buffer overflow in X.509 certificate verification * openssl: timing attack in RSA Decryption impleme ...

oval:org.secpod.oval:def:1506643
[20221207gitfff6d81270b5-9] - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247] - Resolves: bz#2169247 [20221207gitfff6d81270b5-8] - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605] - Resolves: bz#2174605 [20221207gitfff6d81270b5-7] - edk2-Revert-Mde ...

oval:org.secpod.oval:def:1506446
[3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed U ...

oval:org.secpod.oval:def:125123
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. This package contains sample 64-bit UEFI firmware builds for QEMU and KVM.

oval:org.secpod.oval:def:124994
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. This package contains sample 64-bit UEFI firmware builds for QEMU and KVM.

oval:org.secpod.oval:def:89048231
This update for openssl1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4304: Fixed timing Oracle in RSA Decryption .

oval:org.secpod.oval:def:89049075
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . * CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed timing Oracle in RSA Decryption .

oval:org.secpod.oval:def:3300339
SUSE Security Update: Security update for openssl-1_1

oval:org.secpod.oval:def:19500051
A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the applica ...

oval:org.secpod.oval:def:1506490
[1:1.1.1k-9] - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-02 ...

oval:org.secpod.oval:def:2600164
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

oval:org.secpod.oval:def:507659
EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * openssl: X.400 address type confusion in X.509 GeneralName * edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escala ...

oval:org.secpod.oval:def:1701798
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages fo ...

oval:org.secpod.oval:def:89048227
This update for openssl-1_0_0 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4304: Fixed timing Oracle in RSA Decryption . - testsuite: Update furthe ...

oval:org.secpod.oval:def:89048225
This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex . - CVE-2022-4304: F ...

oval:org.secpod.oval:def:89048223
This update for openssl-3 fixes the following issues: Security fixes: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data verification . - CVE-2023-0217: Fixed NULL pointer dereference valid ...

oval:org.secpod.oval:def:89048221
This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex . - CVE-2022-4304: F ...

oval:org.secpod.oval:def:89953
The remote host is missing a patch 151912-22 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:3302420
Security update for openssl-1_0_0

oval:org.secpod.oval:def:89051573
This update for openssl fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case .

oval:org.secpod.oval:def:89051544
This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case .

oval:org.secpod.oval:def:89049202
This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * CVE-2023-3446: Fixed DH_check excessiv ...

oval:org.secpod.oval:def:1702213
A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. ...

CWE    1
CWE-203
*CVE
CVE-2022-4304

© SecPod Technologies