RHSA-2020:5566

Affecting openssl-libs package, versions <1:1.0.2k-21.el7_9

Report new vulnerabilities
high severity
Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to RHSA-2020:5566. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade openssl-libs to version or higher.

References

CVE
RHSA-2020:5566
Snyk ID
SNYK-CENTOS7-OPENSSLLIBS-1052499
Published
18 Dec, 2020