RHSA-2020:5566
Affecting openssl-libs package, versions <1:1.0.2k-21.el7_9
Report new vulnerabilities
high severity
Do your applications use this vulnerable package?
Test your applications
Overview
Affected versions of this package are vulnerable to RHSA-2020:5566. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Remediation
Upgrade openssl-libs to version or higher.
References
- CVE
- RHSA-2020:5566
- Snyk ID
- SNYK-CENTOS7-OPENSSLLIBS-1052499
- Published
- 18 Dec, 2020