Download
| Alert*
oval:org.secpod.oval:def:70296
openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it processed specially crafted input. oval:org.secpod.oval:def:506843 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: EDIPARTYNAME NULL pointer de-reference For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:89002872 This update for openssl fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:70445 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:505232 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: EDIPARTYNAME NULL pointer de-reference For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:505244 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: EDIPARTYNAME NULL pointer de-reference For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:89002823 This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: * CVE-2020-8265: use-after-free in TLSWrap bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as firs ... oval:org.secpod.oval:def:89050258 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:89050317 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:1601376 A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability oval:org.secpod.oval:def:1801793 openssl: EDIPARTYNAME NULL pointer de-reference oval:org.secpod.oval:def:119219 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:119195 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:2106629 Oracle Solaris 11 - ( CVE-2020-8265 ) oval:org.secpod.oval:def:89000302 This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . - Initialized dh-gt;nid to NID_undef in DH_new_method . - Fixed a test failure in apache_ssl in fips mode . - Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_pri ... oval:org.secpod.oval:def:1504811 [1.0.1e-59.0.1] - Backport fixes for CVE-2020-1971 [Orabug: 32654738] [1.0.1e-58.0.1] - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used ... oval:org.secpod.oval:def:705794 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it processed specially crafted input. oval:org.secpod.oval:def:1504821 [1.0.2k-21] - remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch [1.0.2k-20] - fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference [1.0.2k-19] - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel [1.0.2k-18] - fix CVE-2018-0734 - DSA sign ... oval:org.secpod.oval:def:605337 David Benjamin discovered a flaw in the GENERAL_NAME_cmp function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt oval:org.secpod.oval:def:1504797 [1.0.1e-59.0.1] - Backport fixes for CVE-2020-1971 [Orabug: 32654738] oval:org.secpod.oval:def:69825 David Benjamin discovered a flaw in the GENERAL_NAME_cmp function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt oval:org.secpod.oval:def:89000188 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:1700519 A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability oval:org.secpod.oval:def:89000298 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:75324 The host is installed with Microsoft Visual Studio and is prone to a NULL pointer de-reference vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an unspecified impact. oval:org.secpod.oval:def:69573 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: EDIPARTYNAME NULL pointer de-reference For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:89000449 This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:2500140 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. oval:org.secpod.oval:def:89957 The remote host is missing a patch 151912-18 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1503147 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503148 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205715 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: EDIPARTYNAME NULL pointer de-reference For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:89952 The remote host is missing a patch 151913-18 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:67778 The host is installed with Microsoft Visual Studio, OpenSSL 1.0.2 through 1.0.2w, 1.1.1 through 1.1.1h or Oracle MySQL Server through 5.7.32 or 8.0.22 and is prone to a NULL pointer de-reference vulnerability. A flaw is present in the application, which fails to handle an issue in the GENERAL_NAME_c ... oval:org.secpod.oval:def:97633 [CLSA-2022:1651179831] Fix CVE: CVE-2020-1971 oval:org.secpod.oval:def:1702213 A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. ... |