VYPR

rpm package

almalinux/compat-openssl10

pkg:rpm/almalinux/compat-openssl10

Vulnerabilities (3)

  • CVE-2026-28390HigApr 7, 2026
    affected < 1:1.0.2o-4.el8_10.2fixed 1:1.0.2o-4.el8_10.2

    Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur

  • CVE-2023-0286HigFeb 8, 2023
    affected < 1:1.0.2o-4.el8_10.1fixed 1:1.0.2o-4.el8_10.1

    There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This

  • CVE-2022-0778HigMar 15, 2022
    affected < 1:1.0.2o-4.el8_6fixed 1:1.0.2o-4.el8_6

    The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv