Download
| Alert*
oval:org.secpod.oval:def:89045539
This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045620 This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:89045622 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:89045621 This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:89045608 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:89045639 This update for openssl fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:78643 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:506633 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: Read buffer overruns processing ASN.1 strings For more details about the security issue, including the im ... oval:org.secpod.oval:def:89045564 This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045644 This update for openssl fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:506643 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: Read buffer overruns processing ASN.1 strings For more details about the security issue, including the im ... oval:org.secpod.oval:def:89045628 This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:89045554 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045556 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:86352 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: Read buffer overruns processing ASN.1 strings For more details about the security issue, including the im ... oval:org.secpod.oval:def:89045562 This update for openssl-1_1 fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045557 This update for openssl-1_1 fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045553 This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ... oval:org.secpod.oval:def:1601474 It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial ... oval:org.secpod.oval:def:89951 The remote host is missing a patch 151913-19 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:75866 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability in the SM2 decryption. An attacker able to present SM2 content for decryption to an application can take advantage of this flaw to change appli ... oval:org.secpod.oval:def:4500034 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refe ... oval:org.secpod.oval:def:1700731 It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial ... oval:org.secpod.oval:def:2500372 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. oval:org.secpod.oval:def:89047324 This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ... oval:org.secpod.oval:def:1505417 [1:1.1.1k-5] - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#2005400 oval:org.secpod.oval:def:74649 The host is installed with OpenSSL 1.0.2 through 1.0.2y or 1.1.1 through 1.1.1k and is prone to an information disclosure vulnerability. A flaw is present in the OpenSSL string processing functions. On successful exploitation, attacker can cause an application to directly construct an ASN1_STRING a ... oval:org.secpod.oval:def:1700724 It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial ... oval:org.secpod.oval:def:89047078 This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings . oval:org.secpod.oval:def:75926 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:75962 edk2: UEFI firmware for virtual machines Several security issues were fixed in EDK II. oval:org.secpod.oval:def:1505356 [1:1.1.1k-5] - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#2005400 oval:org.secpod.oval:def:1505437 [1.0.2k-23] - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#1996054 oval:org.secpod.oval:def:1505436 [1.0.2k-23.0.1] - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison [Orabug: 32467026] - Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059] - Add TLS KDF self-test [Orabug: 32467193] - Add EC keys pairwise consistency test [Orabug: 32467059] [1.0.2k ... oval:org.secpod.oval:def:706111 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:605612 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability in the SM2 decryption. An attacker able to present SM2 content for decryption to an application can take advantage of this flaw to change appli ... oval:org.secpod.oval:def:706153 edk2: UEFI firmware for virtual machines Several security issues were fixed in EDK II. oval:org.secpod.oval:def:1505369 [1.0.2k-23] - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#1996054 oval:org.secpod.oval:def:89956 The remote host is missing a patch 151912-19 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2107034 Oracle Solaris 11 - ( CVE-2021-3711 ) oval:org.secpod.oval:def:97563 [CLSA-2021:1632262317] Fixed CVEs in openssl: CVE-2021-3712, CVE-2018-0737, CVE-2018-0739, CVE-2018-0732 oval:org.secpod.oval:def:1702213 A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. ... |