csaf_suse - suse-su-2024:3905-1

Vulnerability from csaf_suse

Published

2024-11-04 12:39

Modified

2024-11-04 12:39

Summary

Security update for openssl-1_1

Notes

Title of the patch

Security update for openssl-1_1

Description of the patch

This update for openssl-1_1 fixes the following issues: Security fixes: - CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Other fixes: - FIPS: AES GCM external IV implementation (bsc#1228618) - FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623) - FIPS: Enforce KDF in FIPS style (bsc#1224270) - FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619) - FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269) - FIPS: Differentiate the PSS length requirements (bsc#1224275) - FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272) - FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271) - FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266) - FIPS: DH FIPS selftest and safe prime group (bsc#1224264) - FIPS: Remove not needed FIPS DRBG files (bsc#1224268) - FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265) - FIPS: Disallow non-approved KDF types (bsc#1224267) - FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273) - FIPS: DRBG component chaining (bsc#1224258) - FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260)

Patchnames

SUSE-2024-3905,SUSE-SLE-Module-Basesystem-15-SP6-2024-3905,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3905,SUSE-SLE-Module-Legacy-15-SP6-2024-3905,openSUSE-SLE-15.6-2024-3905

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for openssl-1_1",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for openssl-1_1 fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)\n\nOther fixes:\n\n- FIPS: AES GCM external IV implementation (bsc#1228618)\n- FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623)\n- FIPS: Enforce KDF in FIPS style (bsc#1224270)\n- FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619)\n- FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269)\n- FIPS: Differentiate the PSS length requirements (bsc#1224275)\n- FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272)\n- FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271)\n- FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266)\n- FIPS: DH FIPS selftest and safe prime group (bsc#1224264)\n- FIPS: Remove not needed FIPS DRBG files (bsc#1224268)\n- FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265)\n- FIPS: Disallow non-approved KDF types (bsc#1224267)\n- FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273)\n- FIPS: DRBG component chaining (bsc#1224258)\n- FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260)\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-3905,SUSE-SLE-Module-Basesystem-15-SP6-2024-3905,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3905,SUSE-SLE-Module-Legacy-15-SP6-2024-3905,openSUSE-SLE-15.6-2024-3905",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3905-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:3905-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20243905-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:3905-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019774.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1220262",
            url: "https://bugzilla.suse.com/1220262",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224258",
            url: "https://bugzilla.suse.com/1224258",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224260",
            url: "https://bugzilla.suse.com/1224260",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224264",
            url: "https://bugzilla.suse.com/1224264",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224265",
            url: "https://bugzilla.suse.com/1224265",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224266",
            url: "https://bugzilla.suse.com/1224266",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224267",
            url: "https://bugzilla.suse.com/1224267",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224268",
            url: "https://bugzilla.suse.com/1224268",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224269",
            url: "https://bugzilla.suse.com/1224269",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224270",
            url: "https://bugzilla.suse.com/1224270",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224271",
            url: "https://bugzilla.suse.com/1224271",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224272",
            url: "https://bugzilla.suse.com/1224272",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224273",
            url: "https://bugzilla.suse.com/1224273",
         },
         {
            category: "self",
            summary: "SUSE Bug 1224275",
            url: "https://bugzilla.suse.com/1224275",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228618",
            url: "https://bugzilla.suse.com/1228618",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228619",
            url: "https://bugzilla.suse.com/1228619",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228623",
            url: "https://bugzilla.suse.com/1228623",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-50782 page",
            url: "https://www.suse.com/security/cve/CVE-2023-50782/",
         },
      ],
      title: "Security update for openssl-1_1",
      tracking: {
         current_release_date: "2024-11-04T12:39:03Z",
         generator: {
            date: "2024-11-04T12:39:03Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:3905-1",
         initial_release_date: "2024-11-04T12:39:03Z",
         revision_history: [
            {
               date: "2024-11-04T12:39:03Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                        product: {
                           name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                           product_id: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                        product: {
                           name: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                           product_id: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                        product: {
                           name: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                           product_id: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                        product: {
                           name: "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                           product_id: "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                        product: {
                           name: "libopenssl1_1-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                           product_id: "libopenssl1_1-64bit-1.1.1w-150600.5.9.1.aarch64_ilp32",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64_ilp32",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.i586",
                        product: {
                           name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.i586",
                           product_id: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-1.1.1w-150600.5.9.1.i586",
                        product: {
                           name: "libopenssl1_1-1.1.1w-150600.5.9.1.i586",
                           product_id: "libopenssl1_1-1.1.1w-150600.5.9.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "openssl-1_1-1.1.1w-150600.5.9.1.i586",
                        product: {
                           name: "openssl-1_1-1.1.1w-150600.5.9.1.i586",
                           product_id: "openssl-1_1-1.1.1w-150600.5.9.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
                        product: {
                           name: "openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
                           product_id: "openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                        product: {
                           name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                           product_id: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                        product: {
                           name: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                           product_id: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                        product: {
                           name: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                           product_id: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                        product: {
                           name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                           product_id: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                        product: {
                           name: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                           product_id: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                        product: {
                           name: "openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                           product_id: "openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                        product: {
                           name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                           product_id: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
                        product: {
                           name: "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
                           product_id: "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                        product: {
                           name: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                           product_id: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                        product: {
                           name: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                           product_id: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                        product: {
                           name: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                           product_id: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-basesystem:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-development-tools:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Legacy 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Legacy 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Legacy 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-legacy:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.6",
                        product: {
                           name: "openSUSE Leap 15.6",
                           product_id: "openSUSE Leap 15.6",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
            },
            product_reference: "openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
            },
            product_reference: "openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-50782",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-50782",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
               "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
               "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
               "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
               "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
               "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
               "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
               "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
               "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
               "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
               "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
               "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
               "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
               "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
               "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
               "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
               "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
               "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
               "openSUSE Leap 15.6:openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-50782",
               url: "https://www.suse.com/security/cve/CVE-2023-50782",
            },
            {
               category: "external",
               summary: "SUSE Bug 1218043 for CVE-2023-50782",
               url: "https://bugzilla.suse.com/1218043",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Development Tools 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                  "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:libopenssl1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:libopenssl1_1-32bit-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.aarch64",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.ppc64le",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.s390x",
                  "openSUSE Leap 15.6:openssl-1_1-1.1.1w-150600.5.9.1.x86_64",
                  "openSUSE Leap 15.6:openssl-1_1-doc-1.1.1w-150600.5.9.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-11-04T12:39:03Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-50782",
      },
   ],
}

cve-2023-50782

Vulnerability from cvelistv5

Published

2024-02-05 20:45

Modified

2024-11-25 10:24

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

References

▼	URL	Tags
	https://access.redhat.com/security/cve/CVE-2023-50782	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2254432	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

Version: 3.2 ≤

Red Hat	Red Hat Ansible Automation Platform 2	cpe:/a:redhat:ansible_automation_platform:2
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Satellite 6	cpe:/a:redhat:satellite:6
Red Hat	Red Hat Update Infrastructure 4 for Cloud Providers	cpe:/a:redhat:rhui:4::el8

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T22:23:43.327Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-50782",
               },
               {
                  name: "RHBZ#2254432",
                  tags: [
                     "issue-tracking",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254432",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.couchbase.com/alerts/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/pyca/cryptography",
               defaultStatus: "unaffected",
               packageName: "python-cryptography",
               versions: [
                  {
                     lessThan: "42.0.0",
                     status: "affected",
                     version: "3.2",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:ansible_automation_platform:2",
               ],
               defaultStatus: "unaffected",
               packageName: "python-cryptography",
               product: "Red Hat Ansible Automation Platform 2",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unknown",
               packageName: "python-cryptography",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "python39:3.9/python-cryptography",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8",
               ],
               defaultStatus: "affected",
               packageName: "python-cryptography",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9",
               ],
               defaultStatus: "affected",
               packageName: "python-cryptography",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:satellite:6",
               ],
               defaultStatus: "unaffected",
               packageName: "python-cryptography",
               product: "Red Hat Satellite 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhui:4::el8",
               ],
               defaultStatus: "affected",
               packageName: "python-cryptography",
               product: "Red Hat Update Infrastructure 4 for Cloud Providers",
               vendor: "Red Hat",
            },
         ],
         credits: [
            {
               lang: "en",
               value: "This issue was discovered by Hubert Kario (Red Hat).",
            },
         ],
         datePublic: "2023-12-13T00:00:00+00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Moderate",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-208",
                     description: "Observable Timing Discrepancy",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-25T10:24:46.647Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2023-50782",
            },
            {
               name: "RHBZ#2254432",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254432",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2023-12-13T00:00:00+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2023-12-13T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
            },
         ],
         x_redhatCweChain: "CWE-327->CWE-385->CWE-208: Use of a Broken or Risky Cryptographic Algorithm leads to Covert Timing Channel leads to Observable Timing Discrepancy",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-50782",
      datePublished: "2024-02-05T20:45:49.705Z",
      dateReserved: "2023-12-13T20:44:02.023Z",
      dateUpdated: "2024-11-25T10:24:46.647Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

cve-2023-50782

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature