CVE-2017-3732
published 2017-05-04CVE-2017-3732: There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are…
PriorityP339medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
EPSS
15.93%
96.5th percentile
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | openssl | < openssl 1.1.0h-1 (bookworm) | openssl 1.1.0h-1 (bookworm) |
| debian | openssl | < openssl 1.1.0d-1 (bookworm) | openssl 1.1.0d-1 (bookworm) |
| nodejs | node.js | 4.0.0 – 4.1.2 | — |
| nodejs | node.js | >= 4.2.0 < 4.8.7 | 4.8.7 |
| nodejs | node.js | >= 4.2.0 < 4.7.3 | 4.7.3 |
| nodejs | node.js | 5.0.0 – 5.12.0 | — |
| nodejs | node.js | 6.0.0 – 6.8.1 | — |
| nodejs | node.js | >= 6.9.0 < 6.12.2 | 6.12.2 |
| nodejs | node.js | >= 6.9.0 < 6.9.5 | 6.9.5 |
| nodejs | node.js | >= 7.0.0 < 7.5.0 | 7.5.0 |
| nodejs | node.js | 8.0.0 – 8.8.1 | — |
| nodejs | node.js | >= 8.9.0 < 8.9.3 | 8.9.3 |
| nodejs | node.js | >= 9.0.0 < 9.2.1 | 9.2.1 |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
vendor_cisco7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
vendor_redhat·2017-12-07·CVSS 7.5
CVE-2017-3738 [HIGH] CWE-190 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2
BSD
FreeBSD-SA-17:02.openssl: OpenSSL multiple vulnerabilities
bsd_advisories·2017-02-23·CVSS 5.9
CVE-2016-7055 [MEDIUM] FreeBSD-SA-17:02.openssl: OpenSSL multiple vulnerabilities
FreeBSD-SA-17:02.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2017-02-23
Affects: All supported versions of FreeBSD.
Corrected: 2017-01-26 19:14:14 UTC (stable/11, 11.0-STABLE)
2017-02-23 07:11:48 UTC (releng/11.0, 11.0-RELEASE-p8)
2017-01-27 07:45:06 UTC (stable/10, 10.3-STABLE)
2017-02-23 07:12:18 UTC (releng/10.3, 10.3-RELEASE-p17)
CVE Name: CVE-2016-7055, CVE-2017-3731, CVE-2017-3732
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
a collaborative effort to develop a robust, commercial-grade
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2017-01-31·CVSS 9.8
CVE-2016-2177 [CRITICAL] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
Guido Vranken discovered that OpenSSL used undefined behaviour when
performing pointer arithmetic. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other
releases were fixed in a previous security update. (CVE-2016-2177)
It was discovered that OpenSSL did not properly handle Montgomery
multiplication, resulting in incorrect results leading to transient
failures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10.
(CVE-2016-7055)
It was discovered that OpenSSL did not properly use constant-time
operations when performing ECDSA P-256 signing. A remote attacker could
Cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
vendor_cisco·2017-01-31·CVSS 7.5
CVE-2017-3730 [HIGH] CWE-310 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016. OpenSSL classifies all the new vulnerabilities as “Moderate Severity.”
The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when
Red Hat
openssl: BN_mod_exp may produce incorrect results on x86_64
vendor_redhat·2017-01-26·CVSS 7.5
CVE-2017-3732 [HIGH] openssl: BN_mod_exp may produce incorrect results on x86_64
openssl: BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario w
Debian
CVE-2017-3738: openssl - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in...
vendor_debian·2017·CVSS 7.5
CVE-2017-3738 [HIGH] CVE-2017-3738: openssl - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in...
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th gener
Debian
CVE-2017-3732: openssl - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in ...
vendor_debian·2017·CVSS 7.5
CVE-2017-3732 [HIGH] CVE-2017-3732: openssl - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in ...
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared
Cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
vendor_cisco
CVE-2017-3732 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
CVE-2017-3732: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 . OpenSSL classifies all the new vulnerabilities as “Moderate Severity.” The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL
GHSA
GHSA-gj3m-w8pf-46c5: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2017-3738 [HIGH] CWE-200 GHSA-gj3m-w8pf-46c5: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th gener
GHSA
GHSA-5hg3-8gvm-5294: There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2017-3732 [HIGH] CWE-200 GHSA-5hg3-8gvm-5294: There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared
OSV
CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli
osv·2017-12-07·CVSS 7.5
CVE-2017-3738 [HIGH] CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th gener
OSV
CVE-2017-3732: There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1
osv·2017-05-04·CVSS 7.5
CVE-2017-3732 [HIGH] CVE-2017-3732: There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared
OSV
openssl vulnerabilities
osv·2017-01-31·CVSS 9.8
CVE-2016-2177 [CRITICAL] openssl vulnerabilities
openssl vulnerabilities
Guido Vranken discovered that OpenSSL used undefined behaviour when
performing pointer arithmetic. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other
releases were fixed in a previous security update. (CVE-2016-2177)
It was discovered that OpenSSL did not properly handle Montgomery
multiplication, resulting in incorrect results leading to transient
failures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10.
(CVE-2016-7055)
It was discovered that OpenSSL did not properly use constant-time
operations when performing ECDSA P-256 signing. A remote attacker could
possibly use this issue to perform a timing attack and recover
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
bugzilla·2017-12-08·CVSS 7.5
CVE-2017-3738 [HIGH] CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
There is an overflow bug in the AVX2 Montgomery multiplication procedure
used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
Analysis suggests that attacks against RSA and DSA as a result of this defect
would be very difficult to perform and are not believed likely. Attacks
against DH1024 are considered just feasible, because most of the work
necessary to deduce information about a private key may be performed offline.
The amount of resources required for such an attack would be significant.
However, for an attack on TLS to be meaningful, the server would have to share
the DH1024 private key among multiple clients, which is no longer an option
since CVE-2016-0701.
This only affects processors that su
Bugzilla
CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64
bugzilla·2017-11-03·CVSS 7.5
CVE-2017-3736 [HIGH] CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64
CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No
EC algorithms are affected. Analysis suggests that attacks against RSA and DSA
as a result of this defect would be very difficult to perform and are not
believed likely. Attacks against DH are considered just feasible (although very
difficult) because most of the work necessary to deduce information
about a private key may be performed offline. The amount of resources
required for such an attack would be very significant and likely only
accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that i
Bugzilla
CVE-2017-3731 openssl101e: openssl: Truncated packet could crash via OOB read [epel-5]
bugzilla·2017-01-26·CVSS 7.5
CVE-2017-3731 [HIGH] CVE-2017-3731 openssl101e: openssl: Truncated packet could crash via OOB read [epel-5]
CVE-2017-3731 openssl101e: openssl: Truncated packet could crash via OOB read [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
[bug automatically created by: add-trackin
Bugzilla
CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [fedora-all]
bugzilla·2017-01-26·CVSS 7.5
CVE-2017-3731 [HIGH] CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [fedora-all]
CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora.
Bugzilla
CVE-2017-3731 CVE-2017-3732 openssl: various flaws [fedora-all]
bugzilla·2017-01-26·CVSS 7.5
CVE-2017-3731 [HIGH] CVE-2017-3731 CVE-2017-3732 openssl: various flaws [fedora-all]
CVE-2017-3731 CVE-2017-3732 openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While
Bugzilla
CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64
bugzilla·2017-01-26·CVSS 7.5
CVE-2017-3732 [HIGH] CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64
CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a privat
Bugzilla
CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [epel-7]
bugzilla·2017-01-26·CVSS 7.5
CVE-2017-3731 [HIGH] CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [epel-7]
CVE-2017-3731 CVE-2017-3732 mingw-openssl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
[bug automatically created by: add-tracking-bugs]
Discussion:
Tenable
[R5] SecurityCenter 5.4.3 Fixes Multiple Vulnerabilities
blogs_tenable·2017-02-14
[R5] SecurityCenter 5.4.3 Fixes Multiple Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities
blogs_tenable·2017-02-01
[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.securityfocus.com/bid/95814http://www.securitytracker.com/id/1037717https://access.redhat.com/errata/RHSA-2018:2185https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2187https://access.redhat.com/errata/RHSA-2018:2568https://access.redhat.com/errata/RHSA-2018:2575https://access.redhat.com/errata/RHSA-2018:2713https://github.com/openssl/openssl/commit/a59b90bf491410f1f2bc4540cc21f1980fd14c5bhttps://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.aschttps://security.gentoo.org/glsa/201702-07https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03838en_ushttps://www.openssl.org/news/secadv/20170126.txthttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://www.tenable.com/security/tns-2017-04http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.securityfocus.com/bid/95814http://www.securitytracker.com/id/1037717https://access.redhat.com/errata/RHSA-2018:2185https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2187https://access.redhat.com/errata/RHSA-2018:2568https://access.redhat.com/errata/RHSA-2018:2575https://access.redhat.com/errata/RHSA-2018:2713https://github.com/openssl/openssl/commit/a59b90bf491410f1f2bc4540cc21f1980fd14c5bhttps://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.aschttps://security.gentoo.org/glsa/201702-07https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03838en_ushttps://www.openssl.org/news/secadv/20170126.txthttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://www.tenable.com/security/tns-2017-04
2017-05-04
Published