rpm package
opensuse/openssl-1_1&distro=openSUSE Leap Micro 5.5
pkg:rpm/opensuse/openssl-1_1&distro=openSUSE%20Leap%20Micro%205.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5535 | Cri | 9.1 | < 1.1.1l-150500.17.34.1 | 1.1.1l-150500.17.34.1 | Jun 27, 2024 | Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected appl | |
| CVE-2023-50782 | — | < 1.1.1l-150500.17.37.1 | 1.1.1l-150500.17.37.1 | Feb 5, 2024 | A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. |
- affected < 1.1.1l-150500.17.34.1fixed 1.1.1l-150500.17.34.1
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected appl
- CVE-2023-50782Feb 5, 2024affected < 1.1.1l-150500.17.37.1fixed 1.1.1l-150500.17.37.1
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.