Gentoo Linux Security Advisory 202402-8 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service. Versions greater than or equal to 3.0.10 are affected.
21ad378435b07083191f0c5fc69298cd031080be76d8665f35aae2aacebb11f1Ubuntu Security Notice 6564-1 - Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
ae06e9d7de3a8aa6879c9ffafc7bea669c2fbcc0dec9e5141b1982070bee30b7Red Hat Security Advisory 2023-1199-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
4e40b595047797d81adf804c2f45bc97a61c115d639ef1d1e21d8aa98767fd4bRed Hat Security Advisory 2023-0946-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
03c201bb2ce7568e3362720c1cb0f457937348867d13e7c04e8449c3b355f24fOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3eUbuntu Security Notice 5844-1 - David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.
9148a451ed73788ce14d48db0869c0d82f74b5a31944d3cbb731fc7a3633c392OpenSSL Security Advisory 20230207 - Security issues addressed in OpenSSL include X.400 address type confusion in X.509 GeneralName, a timing oracle in RSA decryption, a X.509 Name Constraints read buffer overflow, a use-after-free following BIO_new_NDEF, a double-free after calling PEM_read_bio_ex, an invalid pointer dereference in d2i_PKCS7 functions, a NULL dereference validating DSA public key, and a NULL dereference during PKCS7 data verification.
16370d8b2cce80bd47b575da9533d376c1ce8d49fd8cfdffe9f131d46a43f157
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed