Search CVE reports
11 – 20 of 331 results
Some fixes available 9 of 17
Possible NULL Dereference in Password-Based CMS Decryption
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Fixed |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| edk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
NULL Dereference in Certificate Verification with OCSP Checking
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 4
NULL pointer dereference in QUIC server initial packet handling
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
Double-free When Checking OCSP Stapled Response
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 5
Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
Some fixes available 4 of 8
CMS AuthEnvelopedData Processing May Accept Forged Messages
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Needs evaluation | Needs evaluation | Not affected | Not affected | Not affected |
Some fixes available 2 of 5
PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| edk2 | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
Some fixes available 9 of 17
Heap Buffer Over-read in ASN.1 Content Parsing
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Fixed |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| edk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char *, which routes through Perl's default typemap to SvPV_nolen. The Perl length is...
1 affected package
libcrypt-openssl-pkcs12-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcrypt-openssl-pkcs12-perl | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds (OOB) write flaws. When parsing a PKCS12 file, with a >= 1 GiB OCTET STRING (or BIT STRING) attribute on a SAFEBAG, via info() or info_as_hash(), a heap...
1 affected package
libcrypt-openssl-pkcs12-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcrypt-openssl-pkcs12-perl | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |