Search CVE reports
41 – 50 of 432 results
CVE-2023-0216
Medium priorityAn invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | — | Not affected | Not affected | Not affected | Not affected |
| nodejs | — | Not affected | Not affected | Not affected | Not affected |
| openssl | — | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |
CVE-2023-0215
Medium prioritySome fixes available 11 of 17
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Fixed | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl1.0 | — | Not in release | Not in release | Fixed | Not in release |
CVE-2022-4450
Medium prioritySome fixes available 8 of 14
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Fixed | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |
CVE-2022-4304
Medium prioritySome fixes available 8 of 17
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Fixed | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Ignored |
| openssl1.0 | — | Not in release | Not in release | Ignored | Not in release |
CVE-2022-4203
Medium priorityA read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | — | Not affected | Not affected | Not affected | Not affected |
| nodejs | — | Not affected | Not affected | Not affected | Not affected |
| openssl | — | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |
CVE-2023-25136
Medium priorityOpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the...
2 affected packages
openssh, openssh-ssh1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openssh | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssh-ssh1 | Not affected | Not affected | Not affected | Not affected | Not in release |
CVE-2022-3996
Low prioritySome fixes available 5 of 6
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| nodejs | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |
CVE-2022-40735
Medium prioritySome fixes available 1 of 6
The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents"...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Vulnerable | Not affected | Not affected | Not affected |
| openssl | Not affected | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
CVE-2022-3786
High prioritySome fixes available 5 of 6
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| nodejs | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |
CVE-2022-3602
High prioritySome fixes available 5 of 6
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| nodejs | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl | Fixed | Fixed | Not affected | Not affected | Not affected |
| openssl1.0 | — | Not in release | Not in release | Not affected | Not in release |