VYPR

rpm package

almalinux/compat-openssl11

pkg:rpm/almalinux/compat-openssl11

Vulnerabilities (3)

  • CVE-2026-28390HigApr 7, 2026
    affected < 1:1.1.1k-5.el9_8.3fixed 1:1.1.1k-5.el9_8.3

    Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur

  • CVE-2025-69419HigJan 27, 2026
    affected < 1:1.1.1k-5.el9_8.2fixed 1:1.1.1k-5.el9_8.2

    Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cau

  • CVE-2023-0286HigFeb 8, 2023
    affected < 1:1.1.1k-5.el9_6.1fixed 1:1.1.1k-5.el9_6.1

    There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This