CLSA-2024-1720026957

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2024-1720026957

Upstream

CVE-2023-0215

CVE-2023-0464

Published

2024-07-03T17:16:01Z

Modified

2026-06-01T00:33:17.454949177Z

Summary

openssl: Fix of 2 CVEs

Details

CVE-2023-0215: biondef: fix a UAF resulting from a bug in BIOnew_NDEF
CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential use of computational resources

References

https://errata.tuxcare.com/centos7-els/CLSA-2024-1720026957.html

Affected packages

TuxCare:CentOS:7 / openssl

Package

Name: openssl
Purl: pkg:rpm/tuxcare/openssl?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2k-26.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json"

TuxCare:CentOS:7 / openssl-devel

Package

Name: openssl-devel
Purl: pkg:rpm/tuxcare/openssl-devel?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2k-26.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json"

TuxCare:CentOS:7 / openssl-libs

Package

Name: openssl-libs
Purl: pkg:rpm/tuxcare/openssl-libs?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2k-26.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json"

TuxCare:CentOS:7 / openssl-perl

Package

Name: openssl-perl
Purl: pkg:rpm/tuxcare/openssl-perl?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2k-26.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json"

TuxCare:CentOS:7 / openssl-static

Package

Name: openssl-static
Purl: pkg:rpm/tuxcare/openssl-static?distro=centos-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2k-26.el7_9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1720026957.json"