[FREEBSD:10DEE731-C069-11EE-9190-84A93843EB75] OpenSSL -- Multiple vulnerabilities
Severity
Medium
Affected Packages
5
CVEs
2
The OpenSSL project reports:
Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
PKCS12 Decoding crashes (CVE-2024-0727)
Package | Affected Version |
---|---|
pkg:freebsd/openssl32 | < 3.2.1 |
pkg:freebsd/openssl31-quictls | < 3.1.5 |
pkg:freebsd/openssl31 | < 3.1.5 |
pkg:freebsd/openssl-quictls | < 3.0.13 |
pkg:freebsd/openssl | < 3.0.13,1 |
- ID
- FREEBSD:10DEE731-C069-11EE-9190-84A93843EB75
- Severity
- medium
- Severity from
- CVE-2024-0727
- URL
- http://vuxml.freebsd.org/freebsd/10dee731-c069-11ee-9190-84a93843eb75.html
- Published
-
2024-01-30T00:00:00
(7 months ago) - Modified
-
2024-01-31T00:00:00
(7 months ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS2-2024-2478
- ALAS2-2024-2479
- ALAS2-2024-2483
- ALAS2-2024-2502
- ALPINE:CVE-2023-6237
- ALPINE:CVE-2024-0727
- ALSA-2024:2447
- ELSA-2024-2447
- RHSA-2024:2447
- SSA:2024-199-01
- SUSE-SU-2024:0172-1
- SUSE-SU-2024:0518-1
- SUSE-SU-2024:0549-1
- SUSE-SU-2024:0813-1
- SUSE-SU-2024:0814-1
- SUSE-SU-2024:0815-1
- SUSE-SU-2024:0831-1
- SUSE-SU-2024:0832-1
- SUSE-SU-2024:0833-1
- SUSE-SU-2024:0840-1
- SUSE-SU-2024:0841-1
- SUSE-SU-2024:0842-1
- USN-6622-1
- USN-6632-1
- USN-6709-1
- USN-7018-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://www.openssl.org/news/secadv/20240125.txt | ||
FreeBSD VuXML | https://www.openssl.org/news/secadv/20240115.txt | ||
FreeBSD VuXML | https://www.openssl.org/news/openssl-3.0-notes.html | ||
FreeBSD VuXML | https://www.openssl.org/news/openssl-3.1-notes.html | ||
FreeBSD VuXML | https://www.openssl.org/news/openssl-3.2-notes.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/openssl32 | openssl32 | < 3.2.1 | ||||
Affected | pkg:freebsd/openssl31-quictls | openssl31-quictls | < 3.1.5 | ||||
Affected | pkg:freebsd/openssl31 | openssl31 | < 3.1.5 | ||||
Affected | pkg:freebsd/openssl-quictls | openssl-quictls | < 3.0.13 | ||||
Affected | pkg:freebsd/openssl | openssl | < 3.0.13,1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |