Search CVE reports
1 – 10 of 164 results
Some fixes available 9 of 17
Out-of-Bounds Read in CMS Password-Based Decryption
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Fixed |
Some fixes available 9 of 17
Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Fixed |
Some fixes available 9 of 17
Heap Use-After-Free in OpenSSL PKCS7_verify()
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Fixed |
Some fixes available 4 of 8
Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Some fixes available 4 of 8
AES-OCB IV Ignored on EVP_Cipher() Path
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Not affected | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Some fixes available 4 of 8
FFC-DH Peer Validation Uses Attacker-Supplied q
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Some fixes available 2 of 5
Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Some fixes available 2 of 5
Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Not affected | Not affected | Not affected | Not affected |
| openssl-fips | Not in release | Not affected | Not affected | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |
Some fixes available 4 of 8
NULL Pointer Dereference in CRMF EncryptedValue Decryption
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Needs evaluation | Needs evaluation | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl-fips | Not in release | Not in release | Not in release | — | — |
| openssl1.0 | Not in release | Not in release | Not in release | — | Not affected |