Search CVE reports


Toggle filters

41 – 50 of 433 results


CVE-2023-0217

Medium priority
Fixed

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected
nodejs Not affected Not affected Not affected Not affected
openssl Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages

CVE-2023-0216

Medium priority
Fixed

An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected
nodejs Not affected Not affected Not affected Not affected
openssl Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages

CVE-2023-0215

Medium priority

Some fixes available 12 of 18

The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Fixed Not affected Not affected Not affected
openssl Fixed Fixed Fixed Fixed Fixed
openssl1.0 Not in release Not in release Fixed Not in release
Show less packages

CVE-2022-4450

Medium priority

Some fixes available 9 of 15

The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Fixed Not affected Not affected Not affected
openssl Fixed Fixed Fixed Fixed Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages

CVE-2022-4304

Medium priority

Some fixes available 9 of 18

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
nodejs Not affected Fixed Not affected Not affected Not affected
openssl Fixed Fixed Fixed Fixed Ignored
openssl1.0 Not in release Not in release Ignored Not in release
Show less packages

CVE-2022-4203

Medium priority
Fixed

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected
nodejs Not affected Not affected Not affected Not affected
openssl Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages

CVE-2023-25136

Medium priority
Not affected

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the...

2 affected packages

openssh, openssh-ssh1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openssh Not affected Not affected Not affected Not affected Not affected
openssh-ssh1 Not affected Not affected Not affected Not affected Not in release
Show less packages

CVE-2022-3996

Low priority

Some fixes available 6 of 7

If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected Needs evaluation
nodejs Not affected Not affected Not affected Not affected Not affected
openssl Fixed Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages

CVE-2022-40735

Medium priority

Some fixes available 1 of 6

The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents"...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected Not affected
nodejs Not affected Vulnerable Not affected Not affected Not affected
openssl Not affected Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not in release Not affected Not in release
Show less packages

CVE-2022-3786

High priority

Some fixes available 6 of 7

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a...

4 affected packages

edk2, nodejs, openssl, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
edk2 Not affected Not affected Not affected Not affected Needs evaluation
nodejs Not affected Not affected Not affected Not affected Not affected
openssl Fixed Fixed Not affected Not affected Not affected
openssl1.0 Not in release Not in release Not affected Not in release
Show less packages