Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit, which may result in incomplete encryption, side
channel attacks, denial of service or information disclosure
Additional details can be found in the upstream advisories at
wwwopensslorg/news/secadv/20220705txt and
wwwopensslorg/news/secadv ...
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption This issue affects all RSA padding m ...
Description<!---->A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function The public API function BIO_new_NDEF is a helper function used for streaming ASN1 data via a BIO It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user appli ...
Synopsis
Moderate: Release of OpenShift Serverless 1290
Type/Severity
Security Advisory: Moderate
Topic
OpenShift Serverless version 1290 contains a moderate security impactThe References section contains CVE links providing detailed severity ratingsfor each vulnerability Ratings are based on a Common Vulnerability ScoringSystem (CVSS) ...
Synopsis
Important: Red Hat JBoss Web Server 573 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Web Server 573 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows ServerRed Hat Product Security has rated this release a ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 179 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 179 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: OpenShift Container Platform 4134 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4134 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Con ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 258 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 258 GeneralAvailability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a ...
Synopsis
Moderate: Multicluster Engine for Kubernetes 208 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Multicluster Engine for Kubernetes 208 General Availability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a security impact ...
Synopsis
Moderate: OpenShift Container Platform 41146 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 41146 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Plat ...
Synopsis
Important: OpenShift Virtualization 4125 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4125 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security imp ...
概述
Important: openssl security and bug fix update
类型/严重性
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
标题
An update for openssl is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Sec ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh Containers for 241 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Service Mesh 241 ContainersRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh Containers for 235 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Service Mesh 235 ContainersRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh 228 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Service Mesh 228Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Synopsis
Moderate: Multicluster Engine for Kubernetes 216 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Multicluster Engine for Kubernetes 216 General Availability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a security impact ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4117 Bug Fix and security update
Type/Severity
Security Advisory: Important
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4117 on Red Hat Enterprise Linux 8 from Red Hat Container RegistryRed Hat Product Security has rated this upda ...
Synopsis
Important: edk2 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for edk2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a securi ...
Synopsis
Important: Red Hat JBoss Web Server 573 release and security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update is now available for Red Hat JBoss Web Server 573 on Red Hat Enterprise Linux vers ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2451 SP2 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Apache HTTP Server 2451 Service Pack 2 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2451 SP2 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2 ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 265 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 265 GeneralAvailability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a ...
Synopsis
Moderate: Logging Subsystem for Red Hat OpenShift - 559 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Logging Subsystem for Red Hat OpenShift - 559Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Moderate: openssl security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openssl is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Security has rated ...
Synopsis
Important: edk2 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for edk2 is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Security has rated this ...
Synopsis
Moderate: Red Hat OpenShift Data Foundation 4122 Bug Fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4122 on Red Hat Enterprise Linux 8 from Red Hat Container RegistryRed Hat Product Security has rated this update ...
Synopsis
Important: Migration Toolkit for Containers (MTC) 1710 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
The Migration Toolkit for Containers (MTC) 1710 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...
Synopsis
Critical: Multicluster Engine for Kubernetes 223 security updates and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Multicluster Engine for Kubernetes 223 General Availability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a security impact ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh 227 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Service Mesh 227Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Synopsis
Important: Self Node Remediation Operator 051 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Commo ...
Synopsis
Important: Node Health Check Operator 041
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Health Check Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: Node Maintenance Operator 501 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Maintenance Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Synopsis
Moderate: OpenShift Container Platform 41143 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 41143 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Synopsis
Moderate: OpenShift Virtualization 4126 Images
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Virtualization release 4126 is now available with updates to packages and images that fix several bugs and add enhancements
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red ...
Synopsis
Critical: Red Hat Advanced Cluster Management 273 security fixes and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 273 GeneralAvailability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a s ...
Synopsis
Moderate: OpenShift Container Platform 41222 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 41222 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Synopsis
Moderate: OpenShift Container Platform 4135 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4135 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platf ...
Synopsis
Important: openssl security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openssl is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 610 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Critical: Multicluster Engine for Kubernetes 20 hotfix security update for console
Type/Severity
Security Advisory: Critical
Topic
Red Hat Multicluster Engine Hotfix Security Update for ConsoleRed Hat Product Security has rated this update as having a security impactof Critical A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Moderate: Secondary Scheduler Operator for Red Hat OpenShift 111 security update
Type/Severity
Security Advisory: Moderate
Topic
Secondary Scheduler Operator for Red Hat OpenShift 111Red Hat Product Security has rated this update as having a security impact ofModerate A Common Vulnerability Scoring System (CVSS) base score, whic ...
Synopsis
Important: OpenShift Container Platform 41145 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41145 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: OpenShift Container Platform 4132 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4132 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption This issue affects all RSA padding m ...
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption This issue affects all RSA padding m ...
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption This issue affects all RSA padding m ...
A null pointer dereference flaw was found in openssl A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service The highest threat from this vulnerability is to system availability (CVE-2020-1971)
Calls to EVP_CipherUpdate, EVP_En ...
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023 ...