Search CVE reports
81 – 90 of 282 results
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is...
4 affected packages
openssl1.0, nodejs, openssl, openssl098
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl1.0 | — | — | Not in release | Fixed |
| nodejs | — | — | Not affected | Not affected |
| openssl | — | — | Not affected | Not affected |
| openssl098 | — | — | Not in release | Not in release |
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
3 affected packages
openssl, openssl098, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | — | — | Not affected | Fixed |
| openssl098 | — | — | Not in release | Not in release |
| openssl1.0 | — | — | Not in release | Fixed |
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1)....
3 affected packages
openssl, openssl098, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | — | — | Fixed | Fixed |
| openssl098 | — | — | Not in release | Not in release |
| openssl1.0 | — | — | Not in release | Fixed |
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j...
3 affected packages
openssl, openssl098, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | — | — | Fixed | Fixed |
| openssl098 | — | — | Not in release | Not in release |
| openssl1.0 | — | — | Not in release | Not affected |
Some fixes available 7 of 9
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering,...
5 affected packages
ruby1.9.1, ruby2.0, ruby2.3, ruby2.5, ruby-openssl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ruby1.9.1 | Not in release | Not in release | Not in release | Not in release |
| ruby2.0 | Not in release | Not in release | Not in release | Not in release |
| ruby2.3 | Not in release | Not in release | Not in release | Not in release |
| ruby2.5 | Not in release | Not in release | Not in release | Fixed |
| ruby-openssl | Not in release | Not in release | Not in release | Needs evaluation |
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low...
1 affected package
pyopenssl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pyopenssl | — | — | — | Not affected |
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote...
1 affected package
pyopenssl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pyopenssl | — | — | — | Not affected |
Some fixes available 18 of 19
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in...
6 affected packages
libgcrypt11, nss, openssl098, libgcrypt20, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libgcrypt11 | — | — | — | Not in release |
| nss | — | — | — | Fixed |
| openssl098 | — | — | — | Not in release |
| libgcrypt20 | — | — | — | Fixed |
| openssl | — | — | — | Fixed |
| openssl1.0 | — | — | — | Fixed |
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key...
3 affected packages
openssl, openssl098, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | — | — | — | Fixed |
| openssl098 | — | — | — | Not in release |
| openssl1.0 | — | — | — | Fixed |
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover...
3 affected packages
openssl, openssl098, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | — | — | — | Fixed |
| openssl098 | — | — | — | Not in release |
| openssl1.0 | — | — | — | Fixed |