CLSA-2026-1777297012

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777297012

Upstream

CVE-2026-28388

CVE-2026-28389

CVE-2026-28390

Published

2026-04-27T13:36:57Z

Modified

2026-06-01T00:32:38.163319975Z

Summary

openssl: Fix of 3 CVEs

Details

CVE-2026-28388: fix NULL dereference in checkdeltabase() when a Delta CRL lacks the CRL Number extension
CVE-2026-28389: fix NULL dereference in dh/ecdhcmssetsharedinfo() when KeyEncryptionAlgorithmIdentifier has no parameters field
CVE-2026-28390: fix NULL dereference in rsacmsdecrypt() when the pSourceFunc X509_ALGOR has no parameters field

References

https://errata.tuxcare.com/els_os/centos8.4els/CLSA-2026-1777297012.html

Affected packages

TuxCare:CentOS:8.4 / openssl

Package

Name: openssl
Purl: pkg:rpm/tuxcare/openssl?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1g-15.el8.4.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json"

TuxCare:CentOS:8.4 / openssl-devel

Package

Name: openssl-devel
Purl: pkg:rpm/tuxcare/openssl-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1g-15.el8.4.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json"

TuxCare:CentOS:8.4 / openssl-libs

Package

Name: openssl-libs
Purl: pkg:rpm/tuxcare/openssl-libs?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1g-15.el8.4.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json"

TuxCare:CentOS:8.4 / openssl-perl

Package

Name: openssl-perl
Purl: pkg:rpm/tuxcare/openssl-perl?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1g-15.el8.4.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json"

TuxCare:CentOS:8.4 / openssl-static

Package

Name: openssl-static
Purl: pkg:rpm/tuxcare/openssl-static?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1g-15.el8.4.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777297012.json"