openssl (Ubuntu:24.10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Ubuntu:24.10 package openssl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2024-12797 — CVSS 6.3 (medium): Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not…
CVE-2024-9143 — CVSS 4.3 (medium): Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to…
CVE-2024-13176 — CVSS 4.1 (medium): Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation…