CLSA-2026-1777455447
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777455447.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1777455447
- Upstream
- Published
- 2026-04-29T09:37:33Z
- Modified
- 2026-06-01T00:33:13.005422313Z
- Summary
- openssl: Fix of CVE-2026-28387
- Details
-
- CVE-2026-28387: fix use-after-free / double-free in danematch() by releasing the previously stored dane->mcert with X509free() instead of OPENSSLfree(); the slot is reference-bumped via X509upref() so the matching free is X509free()
- References
Affected packages
TuxCare:CentOS:8.4 / openssl
Package
- Name
- openssl
- Purl
- pkg:rpm/tuxcare/openssl?distro=centos-8.4
TuxCare:CentOS:8.4 / openssl-devel
Package
- Name
- openssl-devel
- Purl
- pkg:rpm/tuxcare/openssl-devel?distro=centos-8.4
TuxCare:CentOS:8.4 / openssl-libs
Package
- Name
- openssl-libs
- Purl
- pkg:rpm/tuxcare/openssl-libs?distro=centos-8.4
TuxCare:CentOS:8.4 / openssl-perl
Package
- Name
- openssl-perl
- Purl
- pkg:rpm/tuxcare/openssl-perl?distro=centos-8.4