UBUNTU-CVE-2026-28387
- Source
- https://ubuntu.com/security/CVE-2026-28387
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-28387.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2026-28387
- Upstream
- Downstream
- Related
- Published
- 2026-04-07T00:00:00Z
- Modified
- 2026-04-27T19:56:45.305783Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.
- References
Affected packages
Ubuntu:20.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@0~20191122.bd85bf54-2ubuntu3.6?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0~20190606.*
0~20190606.20d2e5a1-2ubuntu1
0~20190828.*
0~20190828.37eef910-3
0~20190828.37eef910-4
0~20191122.*
0~20191122.bd85bf54-1
0~20191122.bd85bf54-1ubuntu1
0~20191122.bd85bf54-2
0~20191122.bd85bf54-2ubuntu1
0~20191122.bd85bf54-2ubuntu2
0~20191122.bd85bf54-2ubuntu3
0~20191122.bd85bf54-2ubuntu3.1
0~20191122.bd85bf54-2ubuntu3.2
0~20191122.bd85bf54-2ubuntu3.3
0~20191122.bd85bf54-2ubuntu3.4
0~20191122.bd85bf54-2ubuntu3.5
0~20191122.bd85bf54-2ubuntu3.6
Ecosystem specific
{
"binaries": [
{
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6",
"binary_name": "ovmf"
},
{
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6",
"binary_name": "qemu-efi"
},
{
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6",
"binary_name": "qemu-efi-arm"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:22.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2022.02-3ubuntu0.22.04.5?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2021.*
2021.08~rc0-2
2021.08-3
2021.11~rc1-1
2021.11-1
2021.11-2
2022.*
2022.02~rc1-1
2022.02~rc1-1ubuntu1
2022.02-1
2022.02-2
2022.02-3
2022.02-3ubuntu0.22.04.1
2022.02-3ubuntu0.22.04.2
2022.02-3ubuntu0.22.04.3
2022.02-3ubuntu0.22.04.4
2022.02-3ubuntu0.22.04.5
Ecosystem specific
{
"binaries": [
{
"binary_version": "2022.02-3ubuntu0.22.04.5",
"binary_name": "ovmf"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.5",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.5",
"binary_name": "qemu-efi"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.5",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.5",
"binary_name": "qemu-efi-arm"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.23?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.2-0ubuntu1.23
Affected versions
1.*
1.1.1l-1ubuntu1
3.*
3.0.0-1ubuntu1
3.0.1-0ubuntu1
3.0.2-0ubuntu1
3.0.2-0ubuntu1.1
3.0.2-0ubuntu1.2
3.0.2-0ubuntu1.4
3.0.2-0ubuntu1.5
3.0.2-0ubuntu1.6
3.0.2-0ubuntu1.7
3.0.2-0ubuntu1.8
3.0.2-0ubuntu1.9
3.0.2-0ubuntu1.10
3.0.2-0ubuntu1.12
3.0.2-0ubuntu1.13
3.0.2-0ubuntu1.14
3.0.2-0ubuntu1.15
3.0.2-0ubuntu1.16
3.0.2-0ubuntu1.17
3.0.2-0ubuntu1.18
3.0.2-0ubuntu1.19
3.0.2-0ubuntu1.20
3.0.2-0ubuntu1.21
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.0.2-0ubuntu1.23",
"binary_name": "libssl3"
},
{
"binary_version": "3.0.2-0ubuntu1.23",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:24.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2024.02-2ubuntu0.8?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2023.*
2023.05-2
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-8
2024.*
2024.02-1
2024.02-2
2024.02-2ubuntu0.1
2024.02-2ubuntu0.3
2024.02-2ubuntu0.4
2024.02-2ubuntu0.5
2024.02-2ubuntu0.6
2024.02-2ubuntu0.7
2024.02-2ubuntu0.8
Ecosystem specific
{
"binaries": [
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-arm"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-ia32"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-riscv64"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-x64"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "ovmf"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "ovmf-legacy"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "qemu-efi-arm"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "qemu-efi-riscv64"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.9?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.13-0ubuntu3.9
Affected versions
3.*
3.0.10-1ubuntu2
3.0.10-1ubuntu2.1
3.0.10-1ubuntu3
3.0.10-1ubuntu4
3.0.13-0ubuntu2
3.0.13-0ubuntu3
3.0.13-0ubuntu3.1
3.0.13-0ubuntu3.2
3.0.13-0ubuntu3.3
3.0.13-0ubuntu3.4
3.0.13-0ubuntu3.5
3.0.13-0ubuntu3.6
3.0.13-0ubuntu3.7
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.0.13-0ubuntu3.9",
"binary_name": "libssl3t64"
},
{
"binary_version": "3.0.13-0ubuntu3.9",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:25.10
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2025.02-8ubuntu3.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2025.*
2025.02-3ubuntu2
2025.02-8
2025.02-8ubuntu1
2025.02-8ubuntu2
2025.02-8ubuntu3
2025.02-8ubuntu3.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-arm"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-ia32"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-loongarch64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-riscv64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-x64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "ovmf"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "ovmf-inteltdx"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "ovmf-legacy"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "qemu-efi-arm"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "qemu-efi-loongarch64"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "qemu-efi-riscv64"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.5.3-1ubuntu3.3?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.3-1ubuntu3.3
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.5.3-1ubuntu3.3",
"binary_name": "libssl3t64"
},
{
"binary_version": "3.5.3-1ubuntu3.3",
"binary_name": "openssl"
},
{
"binary_version": "3.5.3-1ubuntu3.3",
"binary_name": "openssl-provider-legacy"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:26.04
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2025.11-3ubuntu7?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "efi-shell-loongarch64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "efi-shell-riscv64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "efi-shell-x64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "ovmf"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "ovmf-amdsev"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "ovmf-generic"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "ovmf-inteltdx"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "ovmf-legacy"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "qemu-efi-loongarch64"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "qemu-efi-riscv64"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.5.5-1ubuntu3?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.5-1ubuntu3
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.5.5-1ubuntu3",
"binary_name": "libssl3t64"
},
{
"binary_version": "3.5.5-1ubuntu3",
"binary_name": "openssl"
},
{
"binary_version": "3.5.5-1ubuntu3",
"binary_name": "openssl-provider-legacy"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:Pro:16.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0~20150106.*
0~20150106.5c2d456b-2
0~20160104.*
0~20160104.c2a892d7-1
0~20160408.*
0~20160408.ffea0a2c-2
0~20160408.ffea0a2c-2ubuntu0.1
0~20160408.ffea0a2c-2ubuntu0.2
0~20160408.ffea0a2c-2ubuntu0.2+esm1
0~20160408.ffea0a2c-2ubuntu0.2+esm3
nodejs
Package
- Name
- nodejs
- Purl
- pkg:deb/ubuntu/nodejs@4.2.6~dfsg-1ubuntu4.2+esm3?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.10.25~dfsg2-2ubuntu1
4.*
4.2.2~dfsg-1
4.2.3~dfsg-1
4.2.4~dfsg-1ubuntu1
4.2.4~dfsg-2
4.2.6~dfsg-1ubuntu1
4.2.6~dfsg-1ubuntu4
4.2.6~dfsg-1ubuntu4.1
4.2.6~dfsg-1ubuntu4.2
4.2.6~dfsg-1ubuntu4.2+esm1
4.2.6~dfsg-1ubuntu4.2+esm2
4.2.6~dfsg-1ubuntu4.2+esm3
Ubuntu:Pro:18.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.23+esm8?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1-1ubuntu2.1~18.04.23+esm8
Affected versions
1.*
1.0.2g-1ubuntu13
1.0.2g-1ubuntu14
1.0.2n-1ubuntu1
1.1.0g-2ubuntu1
1.1.0g-2ubuntu2
1.1.0g-2ubuntu3
1.1.0g-2ubuntu4
1.1.0g-2ubuntu4.1
1.1.0g-2ubuntu4.3
1.1.1-1ubuntu2.1~18.04.1
1.1.1-1ubuntu2.1~18.04.2
1.1.1-1ubuntu2.1~18.04.3
1.1.1-1ubuntu2.1~18.04.4
1.1.1-1ubuntu2.1~18.04.5
1.1.1-1ubuntu2.1~18.04.6
1.1.1-1ubuntu2.1~18.04.7
1.1.1-1ubuntu2.1~18.04.8
1.1.1-1ubuntu2.1~18.04.9
1.1.1-1ubuntu2.1~18.04.10
1.1.1-1ubuntu2.1~18.04.13
1.1.1-1ubuntu2.1~18.04.14
1.1.1-1ubuntu2.1~18.04.15
1.1.1-1ubuntu2.1~18.04.17
1.1.1-1ubuntu2.1~18.04.19
1.1.1-1ubuntu2.1~18.04.20
1.1.1-1ubuntu2.1~18.04.21
1.1.1-1ubuntu2.1~18.04.22
1.1.1-1ubuntu2.1~18.04.23
1.1.1-1ubuntu2.1~18.04.23+esm1
1.1.1-1ubuntu2.1~18.04.23+esm3
1.1.1-1ubuntu2.1~18.04.23+esm4
1.1.1-1ubuntu2.1~18.04.23+esm5
1.1.1-1ubuntu2.1~18.04.23+esm6
1.1.1-1ubuntu2.1~18.04.23+esm7
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm8",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm8",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.3+esm2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0~20170911.*
0~20170911.5dfba97c-1
0~20171010.*
0~20171010.234dbcef-1
0~20171027.*
0~20171027.76fd5a66-1
0~20171205.*
0~20171205.a9212288-1
0~20180105.*
0~20180105.0bc94c74-1
0~20180205.*
0~20180205.c0d9813c-1
0~20180205.c0d9813c-2
0~20180205.c0d9813c-2ubuntu0.1
0~20180205.c0d9813c-2ubuntu0.2
0~20180205.c0d9813c-2ubuntu0.3
0~20180205.c0d9813c-2ubuntu0.3+esm1
0~20180205.c0d9813c-2ubuntu0.3+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2",
"binary_name": "ovmf"
},
{
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2",
"binary_name": "qemu-efi"
},
{
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2",
"binary_name": "qemu-efi-arm"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}nodejs
Package
- Name
- nodejs
- Purl
- pkg:deb/ubuntu/nodejs@8.10.0~dfsg-2ubuntu0.4+esm6?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.11.4~dfsg-1ubuntu1
6.11.4~dfsg-1ubuntu2
6.12.0~dfsg-1ubuntu1
6.12.0~dfsg-2ubuntu1
6.12.0~dfsg-2ubuntu2
8.*
8.10.0~dfsg-2
8.10.0~dfsg-2ubuntu0.2
8.10.0~dfsg-2ubuntu0.3
8.10.0~dfsg-2ubuntu0.4
8.10.0~dfsg-2ubuntu0.4+esm1
8.10.0~dfsg-2ubuntu0.4+esm2
8.10.0~dfsg-2ubuntu0.4+esm3
8.10.0~dfsg-2ubuntu0.4+esm4
8.10.0~dfsg-2ubuntu0.4+esm5
8.10.0~dfsg-2ubuntu0.4+esm6
Ubuntu:Pro:20.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.24+esm3?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1f-1ubuntu2.24+esm3
Affected versions
1.*
1.1.1c-1ubuntu4
1.1.1d-2ubuntu3
1.1.1d-2ubuntu6
1.1.1f-1ubuntu1
1.1.1f-1ubuntu2
1.1.1f-1ubuntu2.1
1.1.1f-1ubuntu2.2
1.1.1f-1ubuntu2.3
1.1.1f-1ubuntu2.4
1.1.1f-1ubuntu2.5
1.1.1f-1ubuntu2.8
1.1.1f-1ubuntu2.9
1.1.1f-1ubuntu2.10
1.1.1f-1ubuntu2.11
1.1.1f-1ubuntu2.12
1.1.1f-1ubuntu2.13
1.1.1f-1ubuntu2.15
1.1.1f-1ubuntu2.16
1.1.1f-1ubuntu2.17
1.1.1f-1ubuntu2.18
1.1.1f-1ubuntu2.19
1.1.1f-1ubuntu2.20
1.1.1f-1ubuntu2.21
1.1.1f-1ubuntu2.22
1.1.1f-1ubuntu2.23
1.1.1f-1ubuntu2.24
1.1.1f-1ubuntu2.24+esm1
1.1.1f-1ubuntu2.24+esm2
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.1f-1ubuntu2.24+esm3",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1f-1ubuntu2.24+esm3",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:Pro:22.04:LTS
nodejs
Package
- Name
- nodejs
- Purl
- pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.6+esm2?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
12.*
12.22.5~dfsg-5ubuntu1
12.22.7~dfsg-2ubuntu1
12.22.7~dfsg-2ubuntu3
12.22.9~dfsg-1ubuntu2
12.22.9~dfsg-1ubuntu3
12.22.9~dfsg-1ubuntu3.1
12.22.9~dfsg-1ubuntu3.2
12.22.9~dfsg-1ubuntu3.3
12.22.9~dfsg-1ubuntu3.4
12.22.9~dfsg-1ubuntu3.5
12.22.9~dfsg-1ubuntu3.6
12.22.9~dfsg-1ubuntu3.6+esm2
Ubuntu:Pro:FIPS-preview:22.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.12+Fips1?arch=source&distro=fips-preview/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips@3.0.5-0ubuntu0.1+Fips2.1?arch=source&distro=fips-preview/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS-updates:18.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.23.8?arch=source&distro=fips-updates/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1-1ubuntu2.fips.2.1~18.04.23.8
Affected versions
1.*
1.1.1-1ubuntu2.fips.2.1~18.04.5.1
1.1.1-1ubuntu2.fips.2.1~18.04.6.1
1.1.1-1ubuntu2.fips.2.1~18.04.7.1
1.1.1-1ubuntu2.fips.2.1~18.04.9.1
1.1.1-1ubuntu2.fips.2.1~18.04.9.2
1.1.1-1ubuntu2.fips.2.1~18.04.9.3
1.1.1-1ubuntu2.fips.2.1~18.04.13.2
1.1.1-1ubuntu2.fips.2.1~18.04.15
1.1.1-1ubuntu2.fips.2.1~18.04.15.1
1.1.1-1ubuntu2.fips.2.1~18.04.15.2
1.1.1-1ubuntu2.fips.2.1~18.04.17
1.1.1-1ubuntu2.fips.2.1~18.04.20
1.1.1-1ubuntu2.fips.2.1~18.04.21
1.1.1-1ubuntu2.fips.2.1~18.04.22
1.1.1-1ubuntu2.fips.2.1~18.04.23
1.1.1-1ubuntu2.fips.2.1~18.04.23.3
1.1.1-1ubuntu2.fips.2.1~18.04.23.4
1.1.1-1ubuntu2.fips.2.1~18.04.23.5
1.1.1-1ubuntu2.fips.2.1~18.04.23.6
1.1.1-1ubuntu2.fips.2.1~18.04.23.7
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.8",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.8",
"binary_name": "libssl1.1-hmac"
},
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.8",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:Pro:FIPS-updates:20.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.24.3?arch=source&distro=fips-updates/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.1f-1ubuntu2.fips.24.3
Affected versions
1.*
1.1.1f-1ubuntu2.fips.7
1.1.1f-1ubuntu2.fips.7.2
1.1.1f-1ubuntu2.fips.12
1.1.1f-1ubuntu2.fips.13
1.1.1f-1ubuntu2.fips.13.1
1.1.1f-1ubuntu2.fips.16
1.1.1f-1ubuntu2.fips.17
1.1.1f-1ubuntu2.fips.18
1.1.1f-1ubuntu2.fips.19
1.1.1f-1ubuntu2.fips.20
1.1.1f-1ubuntu2.fips.21
1.1.1f-1ubuntu2.fips.22
1.1.1f-1ubuntu2.fips.24
1.1.1f-1ubuntu2.fips.24.1
1.1.1f-1ubuntu2.fips.24.2
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.1f-1ubuntu2.fips.24.3",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1f-1ubuntu2.fips.24.3",
"binary_name": "libssl1.1-hmac"
},
{
"binary_version": "1.1.1f-1ubuntu2.fips.24.3",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:Pro:FIPS-updates:22.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.23+Fips1?arch=source&distro=fips-updates/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.2-0ubuntu1.23+Fips1
Affected versions
3.*
3.0.2-0ubuntu1.10+Fips1
3.0.2-0ubuntu1.12+Fips1
3.0.2-0ubuntu1.14+Fips1
3.0.2-0ubuntu1.15+Fips1
3.0.2-0ubuntu1.16+Fips1
3.0.2-0ubuntu1.17+Fips1
3.0.2-0ubuntu1.18+Fips1
3.0.2-0ubuntu1.19+Fips1
3.0.2-0ubuntu1.20+Fips1
3.0.2-0ubuntu1.21+Fips1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "3.0.2-0ubuntu1.23+Fips1",
"binary_name": "libssl3"
},
{
"binary_version": "3.0.2-0ubuntu1.23+Fips1",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips@3.0.5-0ubuntu0.2+Fips1?arch=source&distro=fips-updates/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS-updates:24.04:LTS
openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips@3.0.13-0ubuntu3.6+Fips1?arch=source&distro=fips-updates/noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS:18.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source&distro=fips/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"binary_name": "libssl1.1-hmac"
},
{
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}Ubuntu:Pro:FIPS:20.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.1?arch=source&distro=fips/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "1.1.1f-1ubuntu2.fips.7.1",
"binary_name": "libssl1.1"
},
{
"binary_version": "1.1.1f-1ubuntu2.fips.7.1",
"binary_name": "libssl1.1-hmac"
},
{
"binary_version": "1.1.1f-1ubuntu2.fips.7.1",
"binary_name": "openssl"
}
],
"priority_reason": "OpenSSL developers have rated this issue as being low severity"
}