Search CVE reports
121 – 130 of 515 results
Some fixes available 16 of 20
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Fixed | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Fixed | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl1.0 | — | — | Not in release | Not in release | Fixed |
Some fixes available 13 of 17
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data"...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Fixed | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Fixed | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl1.0 | — | — | Not in release | Not in release | Not affected |
Some fixes available 13 of 18
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Fixed | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Fixed | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl1.0 | — | — | Not in release | Not in release | Ignored |
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | — | — | Not affected | Not affected | Not affected |
| nodejs | — | — | Not affected | Not affected | Not affected |
| openssl | — | — | Fixed | Not affected | Not affected |
| openssl1.0 | — | — | Not in release | Not in release | Not affected |
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | Not affected | Not affected | Not affected | Not affected |
| openssh-ssh1 | — | Not affected | Not affected | Not affected | Not affected |
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl1.0 | — | — | Not in release | Not in release | Not affected |
Some fixes available 1 of 6
The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents"...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Not affected | Not affected | Fixed | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | Not in release | Not in release | Not affected |
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | — | Not affected | Not affected | Not affected | Not affected |
| nodejs | — | Not affected | Not affected | Not affected | Not affected |
| openssl | — | Fixed | Fixed | Not affected | Not affected |
| openssl1.0 | — | — | Not in release | Not in release | Not affected |
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | — | Not affected | Not affected | Not affected | Not affected |
| nodejs | — | Not affected | Not affected | Not affected | Not affected |
| openssl | — | Fixed | Fixed | Not affected | Not affected |
| openssl1.0 | — | — | Not in release | Not in release | Not affected |
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.
1 affected package
nss
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| nss | — | — | Not affected | Not affected | Not affected |