Julia Security Advisories

JLSEC-2026-492: JLSEC-2026-492

Fri, 01 May 2026 00:00:00 +0000

Security advisory JLSEC-2026-492: JLSEC-2026-492

JLSEC-2026-372: JLSEC-2026-372

Sat, 25 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-372: JLSEC-2026-372

JLSEC-2026-373: JLSEC-2026-373

Sat, 25 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-373: JLSEC-2026-373

JLSEC-2026-281: RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution

Thu, 23 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-281: RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution

JLSEC-2026-496: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...

Thu, 23 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-496: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...

JLSEC-2026-497: Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...

Thu, 23 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-497: Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...

JLSEC-2026-280: Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution

Thu, 23 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-280: Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution

JLSEC-2026-213: When sed is invoked with both -i (in-place edit) and –follow-symlinks, the function...

Mon, 20 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-213: When sed is invoked with both -i (in-place edit) and –follow-symlinks, the function...

JLSEC-2026-491: JLSEC-2026-491

Sat, 18 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-491: JLSEC-2026-491

JLSEC-2026-384: JLSEC-2026-384

Thu, 16 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-384: JLSEC-2026-384

JLSEC-2026-151: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could...

Sun, 12 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-151: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could...

JLSEC-2026-152: In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote...

Sun, 12 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-152: In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote...

JLSEC-2026-353: JLSEC-2026-353

Fri, 10 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-353: JLSEC-2026-353

JLSEC-2026-354: JLSEC-2026-354

Thu, 09 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-354: JLSEC-2026-354

JLSEC-2026-498: JLSEC-2026-498

Thu, 09 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-498: JLSEC-2026-498

JLSEC-2026-276: Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads...

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-276: Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads...

JLSEC-2026-272: JLSEC-2026-272

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-272: JLSEC-2026-272

JLSEC-2026-277: Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key...

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-277: Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key...

JLSEC-2026-274: Issue summary: During processing of a crafted CMS EnvelopedData message with...

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-274: Issue summary: During processing of a crafted CMS EnvelopedData message with...

JLSEC-2026-275: JLSEC-2026-275

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-275: JLSEC-2026-275

JLSEC-2026-273: JLSEC-2026-273

Tue, 07 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-273: JLSEC-2026-273

JLSEC-2026-144: JLSEC-2026-144

Mon, 06 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-144: JLSEC-2026-144

JLSEC-2026-143: JLSEC-2026-143

Mon, 06 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-143: JLSEC-2026-143

JLSEC-2026-142: JLSEC-2026-142

Mon, 06 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-142: JLSEC-2026-142

JLSEC-2026-149: JLSEC-2026-149

Mon, 06 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-149: JLSEC-2026-149

JLSEC-2026-148: JLSEC-2026-148

Mon, 06 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-148: JLSEC-2026-148

JLSEC-2026-212: JLSEC-2026-212

Fri, 03 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-212: JLSEC-2026-212

JLSEC-2026-76: JLSEC-2026-76

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-76: JLSEC-2026-76

JLSEC-2026-74: In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome...

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-74: In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome...

JLSEC-2026-75: JLSEC-2026-75

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-75: JLSEC-2026-75

JLSEC-2026-371: A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function...

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-371: A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function...

JLSEC-2026-370: A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function...

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-370: A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function...

JLSEC-2026-78: JLSEC-2026-78

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-78: JLSEC-2026-78

JLSEC-2026-467: Mbed TLS serialized session data is not cryptographically protected

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-467: Mbed TLS serialized session data is not cryptographically protected

JLSEC-2026-77: JLSEC-2026-77

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-77: JLSEC-2026-77

JLSEC-2026-369: A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function...

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-369: A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function...

JLSEC-2026-462: JLSEC-2026-462

Thu, 02 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-462: JLSEC-2026-462

JLSEC-2026-464: Mbed TLS might use cloned PSA random generator states

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-464: Mbed TLS might use cloned PSA random generator states

JLSEC-2026-147: JLSEC-2026-147

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-147: JLSEC-2026-147

JLSEC-2026-145: JLSEC-2026-145

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-145: JLSEC-2026-145

JLSEC-2026-465: Mbed TLS may use a low entropy PRNG seed

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-465: Mbed TLS may use a low entropy PRNG seed

JLSEC-2026-463: Mbed TLS timing side channel in RSA and CBC/ECB decryption

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-463: Mbed TLS timing side channel in RSA and CBC/ECB decryption

JLSEC-2026-466: Mbed TLS peer can force the FFDH shared secret into a small set of values

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-466: Mbed TLS peer can force the FFDH shared secret into a small set of values

JLSEC-2026-146: JLSEC-2026-146

Wed, 01 Apr 2026 00:00:00 +0000

Security advisory JLSEC-2026-146: JLSEC-2026-146

JLSEC-2026-96: JLSEC-2026-96

Thu, 26 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-96: JLSEC-2026-96

JLSEC-2026-95: JLSEC-2026-95

Thu, 26 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-95: JLSEC-2026-95

JLSEC-2026-79: JLSEC-2026-79

Wed, 25 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-79: JLSEC-2026-79

JLSEC-2026-288: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo...

Tue, 24 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-288: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo...

JLSEC-2026-159: JLSEC-2026-159

Fri, 20 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-159: JLSEC-2026-159

JLSEC-2026-158: JLSEC-2026-158

Fri, 20 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-158: JLSEC-2026-158

JLSEC-2026-5: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C

Wed, 18 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-5: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C

JLSEC-2026-182: JLSEC-2026-182

Tue, 17 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-182: JLSEC-2026-182

JLSEC-2026-381: JLSEC-2026-381

Mon, 16 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-381: JLSEC-2026-381

JLSEC-2026-383: JLSEC-2026-383

Mon, 16 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-383: JLSEC-2026-383

JLSEC-2026-150: JLSEC-2026-150

Mon, 16 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-150: JLSEC-2026-150

JLSEC-2026-382: JLSEC-2026-382

Mon, 16 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-382: JLSEC-2026-382

JLSEC-2026-271: Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...

Fri, 13 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-271: Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...

JLSEC-2026-436: JLSEC-2026-436

Wed, 11 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-436: JLSEC-2026-436

JLSEC-2026-439: When doing a second SMB request to the same host again, curl would wrongly use a data pointer...

Wed, 11 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-439: When doing a second SMB request to the same host again, curl would wrongly use a data pointer...

JLSEC-2026-438: curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the...

Wed, 11 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-438: curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the...

JLSEC-2026-437: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a...

Wed, 11 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-437: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a...

JLSEC-2026-141: JLSEC-2026-141

Tue, 03 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-141: JLSEC-2026-141

JLSEC-2026-461: An integer overflow in the ttvarloaditemvariation_store function of the Freetype library in...

Mon, 02 Mar 2026 00:00:00 +0000

Security advisory JLSEC-2026-461: An integer overflow in the ttvarloaditemvariation_store function of the Freetype library in...

JLSEC-2026-140: JLSEC-2026-140

Tue, 24 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-140: JLSEC-2026-140

JLSEC-2026-157: JLSEC-2026-157

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-157: JLSEC-2026-157

JLSEC-2026-486: JLSEC-2026-486

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-486: JLSEC-2026-486

JLSEC-2026-366: A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the...

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-366: A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the...

JLSEC-2026-367: A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the...

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-367: A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the...

JLSEC-2026-484: JLSEC-2026-484

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-484: JLSEC-2026-484

JLSEC-2026-368: A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function...

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-368: A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function...

JLSEC-2026-485: JLSEC-2026-485

Mon, 23 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-485: JLSEC-2026-485

JLSEC-2026-352: JLSEC-2026-352

Thu, 19 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-352: JLSEC-2026-352

JLSEC-2026-480: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combine_gen64 because...

Wed, 18 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-480: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combine_gen64 because...

JLSEC-2026-53: JLSEC-2026-53

Thu, 12 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-53: JLSEC-2026-53

JLSEC-2026-56: JLSEC-2026-56

Thu, 12 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-56: JLSEC-2026-56

JLSEC-2026-55: JLSEC-2026-55

Thu, 12 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-55: JLSEC-2026-55

JLSEC-2026-54: JLSEC-2026-54

Thu, 12 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-54: JLSEC-2026-54

JLSEC-2026-11: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Tue, 10 Feb 2026 00:00:00 +0000

Security advisory JLSEC-2026-11: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2026-380: JLSEC-2026-380

Fri, 30 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-380: JLSEC-2026-380

JLSEC-2026-9: Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-9: Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s...

JLSEC-2026-262: Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-262: Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware...

JLSEC-2026-258: Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-258: Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when...

JLSEC-2026-260: Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-260: Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...

JLSEC-2026-269: Issue summary: An invalid or NULL pointer dereference can happen in an application processing a...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-269: Issue summary: An invalid or NULL pointer dereference can happen in an application processing a...

JLSEC-2026-270: Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-270: Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS...

JLSEC-2026-265: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-265: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the...

JLSEC-2026-255: Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-255: Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a...

JLSEC-2026-257: Issue summary: If an application using the SSLCIPHERfind() function in a QUIC protocol client...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-257: Issue summary: If an application using the SSLCIPHERfind() function in a QUIC protocol client...

JLSEC-2026-264: Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-264: Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code...

JLSEC-2026-263: Issue summary: Calling PKCS12getfriendlyname() function on a maliciously crafted PKCS#12 file...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-263: Issue summary: Calling PKCS12getfriendlyname() function on a maliciously crafted PKCS#12 file...

JLSEC-2026-10: Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-10: Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of s...

JLSEC-2026-256: Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-256: Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can...

JLSEC-2026-261: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter...

Tue, 27 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-261: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter...

JLSEC-2026-379: JLSEC-2026-379

Fri, 23 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-379: JLSEC-2026-379

JLSEC-2026-189: JLSEC-2026-189

Sun, 18 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-189: JLSEC-2026-189

JLSEC-2026-115: Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass

Thu, 15 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-115: Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass

JLSEC-2026-114: Deno node:crypto doesn't finalize cipher

Thu, 15 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-114: Deno node:crypto doesn't finalize cipher

JLSEC-2026-8: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Mon, 12 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-8: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2026-7: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Mon, 12 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-7: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2026-430: When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file,...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-430: When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file,...

JLSEC-2026-426: When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-426: When using CURLOPT_PINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool...

JLSEC-2026-431: When doing SSH-based transfers using either SCP or SFTP, and asked to do public key...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-431: When doing SSH-based transfers using either SCP or SFTP, and asked to do public key...

JLSEC-2026-428: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-428: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

JLSEC-2026-429: When doing TLS related transfers with reused easy or multi handles and altering the ...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-429: When doing TLS related transfers with reused easy or multi handles and altering the ...

JLSEC-2026-427: When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...

Thu, 08 Jan 2026 00:00:00 +0000

Security advisory JLSEC-2026-427: When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...

JLSEC-2026-156: JLSEC-2026-156

Mon, 29 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-156: JLSEC-2026-156

JLSEC-2026-136: JLSEC-2026-136

Tue, 23 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-136: JLSEC-2026-136

JLSEC-2026-135: JLSEC-2026-135

Tue, 23 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-135: JLSEC-2026-135

JLSEC-2026-137: JLSEC-2026-137

Tue, 23 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-137: JLSEC-2026-137

JLSEC-2026-489: A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service ...

Thu, 11 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-489: A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service ...

JLSEC-2026-488: A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap...

Wed, 10 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-488: A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap...

JLSEC-2026-6: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Wed, 03 Dec 2025 00:00:00 +0000

Security advisory JLSEC-2026-6: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2026-378: JLSEC-2026-378

Fri, 28 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-378: JLSEC-2026-378

JLSEC-2026-487: JLSEC-2026-487

Wed, 26 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-487: JLSEC-2026-487

JLSEC-2025-328: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Tue, 25 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2025-328: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2025-330: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Tue, 25 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2025-330: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2025-331: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Tue, 25 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2025-331: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2025-329: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

Tue, 25 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2025-329: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

JLSEC-2026-181: JLSEC-2026-181

Tue, 18 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-181: JLSEC-2026-181

JLSEC-2026-138: JLSEC-2026-138

Mon, 10 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-138: JLSEC-2026-138

JLSEC-2026-139: JLSEC-2026-139

Mon, 10 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-139: JLSEC-2026-139

JLSEC-2026-424: curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was...

Fri, 07 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-424: curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was...

JLSEC-2026-153: JLSEC-2026-153

Wed, 05 Nov 2025 00:00:00 +0000

Security advisory JLSEC-2026-153: JLSEC-2026-153

JLSEC-2025-233: Padding oracle through timing of cipher error reporting

Tue, 21 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2025-233: Padding oracle through timing of cipher error reporting

JLSEC-2025-232: Side channel in RSA key generation and operations (SSBleed, M-Step)

Mon, 20 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2025-232: Side channel in RSA key generation and operations (SSBleed, M-Step)

JLSEC-2025-40: Header injection/Response splitting via header construction.

Fri, 10 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2025-40: Header injection/Response splitting via header construction.

JLSEC-2026-89: JLSEC-2026-89

Fri, 10 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2026-89: JLSEC-2026-89

JLSEC-2026-111: Deno's –deny-write check does not prevent permission bypass

Wed, 08 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2026-111: Deno's –deny-write check does not prevent permission bypass

JLSEC-2026-113: Deno is Vulnerable to Command Injection on Windows During Batch File Execution

Wed, 08 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2026-113: Deno is Vulnerable to Command Injection on Windows During Batch File Execution

JLSEC-2026-112: Deno's –deny-read check does not prevent permission bypass

Wed, 08 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2026-112: Deno's –deny-read check does not prevent permission bypass

JLSEC-2025-8: ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to...

Mon, 06 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2025-8: ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to...

JLSEC-2025-7: ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...

Mon, 06 Oct 2025 00:00:00 +0000

Security advisory JLSEC-2025-7: ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...

JLSEC-2026-267: Issue summary: A timing side-channel which could potentially allow remote recovery of the private...

Tue, 30 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2026-267: Issue summary: A timing side-channel which could potentially allow remote recovery of the private...

JLSEC-2026-266: JLSEC-2026-266

Tue, 30 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2026-266: JLSEC-2026-266

JLSEC-2026-268: Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of...

Tue, 30 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2026-268: Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of...

JLSEC-2025-173: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a sm...

Mon, 15 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2025-173: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a sm...

JLSEC-2026-435: 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or...

Fri, 12 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2026-435: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or...

JLSEC-2026-423: curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the...

Fri, 12 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2026-423: curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the...

JLSEC-2025-91: Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a lo...

Wed, 10 Sep 2025 00:00:00 +0000

Security advisory JLSEC-2025-91: Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a lo...

JLSEC-2026-60: JLSEC-2026-60

Wed, 27 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2026-60: JLSEC-2026-60

JLSEC-2025-323: A flaw has been found in LibTIFF 4.7.0

Tue, 19 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2025-323: A flaw has been found in LibTIFF 4.7.0

JLSEC-2025-322: A weakness has been identified in LibTIFF 4.7.0

Thu, 14 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2025-322: A weakness has been identified in LibTIFF 4.7.0

JLSEC-2025-321: A vulnerability was determined in LibTIFF up to 4.5.1

Mon, 11 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2025-321: A vulnerability was determined in LibTIFF up to 4.5.1

JLSEC-2025-320: A vulnerability classified as problematic was found in libtiff 4.6.0

Tue, 05 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2025-320: A vulnerability classified as problematic was found in libtiff 4.6.0

JLSEC-2026-88: JLSEC-2026-88

Mon, 04 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2026-88: JLSEC-2026-88

JLSEC-2025-319: A vulnerability was found in LibTIFF up to 4.7.0

Fri, 01 Aug 2025 00:00:00 +0000

Security advisory JLSEC-2025-319: A vulnerability was found in LibTIFF up to 4.7.0

JLSEC-2025-168: A flaw was found in GLib

Mon, 28 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-168: A flaw was found in GLib

JLSEC-2025-318: A vulnerability was found in LibTIFF up to 4.7.0

Sat, 26 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-318: A vulnerability was found in LibTIFF up to 4.7.0

JLSEC-2025-317: A vulnerability was found in LibTIFF up to 4.7.0

Sat, 26 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-317: A vulnerability was found in LibTIFF up to 4.7.0

JLSEC-2025-100: A flaw was found in the SFTP server message decoding logic of libssh

Fri, 25 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-100: A flaw was found in the SFTP server message decoding logic of libssh

JLSEC-2025-99: A flaw was found in libssh, a library that implements the SSH protocol

Thu, 24 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-99: A flaw was found in libssh, a library that implements the SSH protocol

JLSEC-2025-230: Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtlsasn1storenameddata can trigg...

Sun, 20 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-230: Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtlsasn1storenameddata can trigg...

JLSEC-2025-231: Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are develop...

Sun, 20 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-231: Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are develop...

JLSEC-2025-9: ImageMagick is free and open-source software used for editing and manipulating digital images

Mon, 14 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-9: ImageMagick is free and open-source software used for editing and manipulating digital images

JLSEC-2025-197: GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a c...

Fri, 11 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-197: GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a c...

JLSEC-2025-332: A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library

Mon, 07 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-332: A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library

JLSEC-2026-349: JLSEC-2026-349

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2026-349: JLSEC-2026-349

JLSEC-2025-98: A flaw was found in the key export functionality of libssh

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-98: A flaw was found in the key export functionality of libssh

JLSEC-2026-350: JLSEC-2026-350

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2026-350: JLSEC-2026-350

JLSEC-2026-351: JLSEC-2026-351

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2026-351: JLSEC-2026-351

JLSEC-2025-229: Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemread_bu...

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-229: Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemread_bu...

JLSEC-2025-97: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ...

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-97: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ...

JLSEC-2025-228: Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occu...

Fri, 04 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2025-228: Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occu...

JLSEC-2026-90: JLSEC-2026-90

Wed, 02 Jul 2025 00:00:00 +0000

Security advisory JLSEC-2026-90: JLSEC-2026-90

JLSEC-2026-346: JLSEC-2026-346

Sun, 29 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-346: JLSEC-2026-346

JLSEC-2026-347: JLSEC-2026-347

Sun, 29 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-347: JLSEC-2026-347

JLSEC-2026-348: JLSEC-2026-348

Sun, 29 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-348: JLSEC-2026-348

JLSEC-2026-343: JLSEC-2026-343

Sat, 28 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-343: JLSEC-2026-343

JLSEC-2026-345: JLSEC-2026-345

Sat, 28 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-345: JLSEC-2026-345

JLSEC-2026-344: JLSEC-2026-344

Sat, 28 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-344: JLSEC-2026-344

JLSEC-2026-342: JLSEC-2026-342

Fri, 27 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-342: JLSEC-2026-342

JLSEC-2025-5: Lack of validation for user-provided fields in GitHub.jl

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-5: Lack of validation for user-provided fields in GitHub.jl

JLSEC-2025-4: Argument injection in `gettreesha()` function in Registrator.jl

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-4: Argument injection in gettreesha() function in Registrator.jl

JLSEC-2025-96: A flaw was found in the libssh library in versions less than 0.11.2

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-96: A flaw was found in the libssh library in versions less than 0.11.2

JLSEC-2025-3: Lack of validation for user-provided fields in GitForge.jl

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-3: Lack of validation for user-provided fields in GitForge.jl

JLSEC-2025-2: Command injection in `withpasswd()` function in Registrator.jl

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-2: Command injection in withpasswd() function in Registrator.jl

JLSEC-2025-1: CR/LF injection in URIs.jl (also affects HTTP.jl)

Tue, 24 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-1: CR/LF injection in URIs.jl (also affects HTTP.jl)

JLSEC-2025-39: Possible XSS in HTMLSanitizer when using svg elements

Mon, 23 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-39: Possible XSS in HTMLSanitizer when using svg elements

JLSEC-2026-341: JLSEC-2026-341

Mon, 23 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-341: JLSEC-2026-341

JLSEC-2026-340: JLSEC-2026-340

Thu, 19 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-340: JLSEC-2026-340

JLSEC-2026-339: JLSEC-2026-339

Thu, 19 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-339: JLSEC-2026-339

JLSEC-2026-196: JLSEC-2026-196

Mon, 16 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-196: JLSEC-2026-196

JLSEC-2026-454: A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic....

Mon, 16 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-454: A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic....

JLSEC-2026-197: JLSEC-2026-197

Mon, 16 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-197: JLSEC-2026-197

JLSEC-2025-167: A flaw was found in how GLib’s GString manages memory when adding data to strings

Fri, 13 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-167: A flaw was found in how GLib’s GString manages memory when adding data to strings

JLSEC-2025-196: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calcula...

Thu, 12 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-196: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calcula...

JLSEC-2025-247: A vulnerability has been identified in the libarchive library

Mon, 09 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-247: A vulnerability has been identified in the libarchive library

JLSEC-2025-245: A vulnerability has been identified in the libarchive library, specifically within the archiveread...

Mon, 09 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-245: A vulnerability has been identified in the libarchive library, specifically within the archiveread...

JLSEC-2025-248: A vulnerability has been identified in the libarchive library

Mon, 09 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-248: A vulnerability has been identified in the libarchive library

JLSEC-2025-249: A vulnerability has been identified in the libarchive library

Mon, 09 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-249: A vulnerability has been identified in the libarchive library

JLSEC-2025-246: A vulnerability has been identified in the libarchive library

Mon, 09 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2025-246: A vulnerability has been identified in the libarchive library

JLSEC-2026-434: Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted...

Sat, 07 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-434: Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted...

JLSEC-2026-109: Deno run with –allow-read and –deny-read flags results in allowed

Wed, 04 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-109: Deno run with –allow-read and –deny-read flags results in allowed

JLSEC-2026-110: Deno.env.toObject() ignores the variables listed in –deny-env and returns all environment variables

Wed, 04 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-110: Deno.env.toObject() ignores the variables listed in –deny-env and returns all environment variables

JLSEC-2026-108: Deno's AES GCM authentication tags are not verified

Tue, 03 Jun 2025 00:00:00 +0000

Security advisory JLSEC-2026-108: Deno's AES GCM authentication tags are not verified

JLSEC-2026-337: JLSEC-2026-337

Fri, 30 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-337: JLSEC-2026-337

JLSEC-2026-338: JLSEC-2026-338

Fri, 30 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-338: JLSEC-2026-338

JLSEC-2026-432: libcurl accidentally skips the certificate verification for QUIC connections when connecting to a...

Wed, 28 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-432: libcurl accidentally skips the certificate verification for QUIC connections when connecting to a...

JLSEC-2026-433: libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an...

Wed, 28 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-433: libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an...

JLSEC-2026-191: JLSEC-2026-191

Mon, 26 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-191: JLSEC-2026-191

JLSEC-2026-192: JLSEC-2026-192

Mon, 26 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-192: JLSEC-2026-192

JLSEC-2026-194: JLSEC-2026-194

Mon, 26 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-194: JLSEC-2026-194

JLSEC-2026-195: JLSEC-2026-195

Mon, 26 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-195: JLSEC-2026-195

JLSEC-2026-193: JLSEC-2026-193

Mon, 26 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-193: JLSEC-2026-193

JLSEC-2026-259: Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use...

Thu, 22 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-259: Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use...

JLSEC-2026-125: In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer...

Fri, 16 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-125: In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer...

JLSEC-2026-126: In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications...

Fri, 16 May 2025 00:00:00 +0000

Security advisory JLSEC-2026-126: In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications...

JLSEC-2025-152: ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamfreadheader in /libavformat/ia...

Fri, 02 May 2025 00:00:00 +0000

Security advisory JLSEC-2025-152: ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamfreadheader in /libavformat/ia...

JLSEC-2026-87: NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures...

Fri, 18 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-87: NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures...

JLSEC-2025-90: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a ...

Thu, 17 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2025-90: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a ...

JLSEC-2026-190: JLSEC-2026-190

Mon, 14 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-190: JLSEC-2026-190

JLSEC-2026-73: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...

Thu, 10 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-73: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...

JLSEC-2026-495: GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c,...

Wed, 09 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-495: GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c,...

JLSEC-2025-89: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Pyth...

Tue, 08 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2025-89: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Pyth...

JLSEC-2026-85: A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an...

Sat, 05 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-85: A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an...

JLSEC-2026-86: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the...

Sat, 05 Apr 2025 00:00:00 +0000

Security advisory JLSEC-2026-86: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the...

JLSEC-2026-331: JLSEC-2026-331

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-331: JLSEC-2026-331

JLSEC-2026-336: JLSEC-2026-336

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-336: JLSEC-2026-336

JLSEC-2025-244: Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar i...

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2025-244: Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar i...

JLSEC-2026-332: JLSEC-2026-332

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-332: JLSEC-2026-332

JLSEC-2026-335: JLSEC-2026-335

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-335: JLSEC-2026-335

JLSEC-2026-334: JLSEC-2026-334

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-334: JLSEC-2026-334

JLSEC-2026-330: JLSEC-2026-330

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-330: JLSEC-2026-330

JLSEC-2026-333: JLSEC-2026-333

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-333: JLSEC-2026-333

JLSEC-2026-329: JLSEC-2026-329

Fri, 28 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-329: JLSEC-2026-329

JLSEC-2026-358: JLSEC-2026-358

Thu, 27 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-358: JLSEC-2026-358

JLSEC-2026-355: JLSEC-2026-355

Thu, 27 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-355: JLSEC-2026-355

JLSEC-2026-359: JLSEC-2026-359

Thu, 27 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-359: JLSEC-2026-359

JLSEC-2026-357: JLSEC-2026-357

Thu, 27 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-357: JLSEC-2026-357

JLSEC-2026-356: JLSEC-2026-356

Thu, 27 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-356: JLSEC-2026-356

JLSEC-2025-187: Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware ...

Tue, 25 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2025-187: Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware ...

JLSEC-2025-227: Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted ...

Tue, 25 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2025-227: Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted ...

JLSEC-2025-94: In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data th...

Wed, 19 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2025-94: In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data th...

JLSEC-2026-327: JLSEC-2026-327

Fri, 14 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-327: JLSEC-2026-327

JLSEC-2026-326: JLSEC-2026-326

Fri, 14 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-326: JLSEC-2026-326

JLSEC-2026-328: JLSEC-2026-328

Fri, 14 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-328: JLSEC-2026-328

JLSEC-2026-460: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font...

Tue, 11 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-460: An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font...

JLSEC-2026-325: JLSEC-2026-325

Mon, 10 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-325: JLSEC-2026-325

JLSEC-2026-494: WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation.

Fri, 07 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-494: WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation.

JLSEC-2026-493: JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

Fri, 07 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2026-493: JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

JLSEC-2025-243: listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value,...

Sun, 02 Mar 2025 00:00:00 +0000

Security advisory JLSEC-2025-243: listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value,...

JLSEC-2025-242: A vulnerability was found in libarchive up to 3.7.7

Mon, 24 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-242: A vulnerability was found in libarchive up to 3.7.7

JLSEC-2025-151: A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1

Sun, 23 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-151: A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1

JLSEC-2025-88: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pat...

Tue, 18 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-88: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pat...

JLSEC-2026-72: JLSEC-2026-72

Tue, 18 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2026-72: JLSEC-2026-72

JLSEC-2025-87: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElem...

Tue, 18 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-87: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElem...

JLSEC-2025-86: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables a...

Tue, 18 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-86: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables a...

JLSEC-2025-150: A vulnerability was found in FFmpeg up to 7.1

Mon, 17 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-150: A vulnerability was found in FFmpeg up to 7.1

JLSEC-2025-250: libarchive through 3.7.7 has a heap-based buffer over-read in headergnulonglink in archivereadsu...

Sun, 16 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2025-250: libarchive through 3.7.7 has a heap-based buffer over-read in headergnulonglink in archivereadsu...

JLSEC-2026-422: When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses...

Wed, 05 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2026-422: When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses...

JLSEC-2026-420: When asked to use a `.netrc` file for credentials and to follow HTTP redirects, curl could...

Wed, 05 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2026-420: When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could...

JLSEC-2026-421: libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...

Wed, 05 Feb 2025 00:00:00 +0000

Security advisory JLSEC-2026-421: libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...

JLSEC-2025-85: xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

Sun, 26 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-85: xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

JLSEC-2026-248: Issue summary: A timing side-channel which could potentially allow recovering the private key...

Mon, 20 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2026-248: Issue summary: A timing side-channel which could potentially allow recovering the private key...

JLSEC-2025-149: Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants W...

Thu, 16 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-149: Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants W...

JLSEC-2025-325: A flaw was found in rsync

Tue, 14 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-325: A flaw was found in rsync

JLSEC-2025-324: A flaw was found in rsync which could be triggered when rsync compares file checksums

Tue, 14 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-324: A flaw was found in rsync which could be triggered when rsync compares file checksums

JLSEC-2025-327: A flaw was found in rsync

Tue, 14 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-327: A flaw was found in rsync

JLSEC-2025-326: A path traversal vulnerability exists in rsync

Tue, 14 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-326: A path traversal vulnerability exists in rsync

JLSEC-2025-147: A flaw was found in FFmpeg's DASH playlist support

Mon, 06 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-147: A flaw was found in FFmpeg's DASH playlist support

JLSEC-2025-146: A flaw was found in FFmpeg's HLS demuxer

Mon, 06 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-146: A flaw was found in FFmpeg's HLS demuxer

JLSEC-2025-148: A flaw was found in FFmpeg

Mon, 06 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-148: A flaw was found in FFmpeg

JLSEC-2025-144: FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpegmuxinit.c component of ...

Fri, 03 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-144: FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpegmuxinit.c component of ...

JLSEC-2025-145: FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an inte...

Fri, 03 Jan 2025 00:00:00 +0000

Security advisory JLSEC-2025-145: FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an inte...

JLSEC-2025-142: A flaw was found in FFmpeg's TTY Demuxer

Tue, 31 Dec 2024 00:00:00 +0000

Security advisory JLSEC-2025-142: A flaw was found in FFmpeg's TTY Demuxer

JLSEC-2025-143: A flaw was found in FFmpeg's HLS playlist parsing

Tue, 31 Dec 2024 00:00:00 +0000

Security advisory JLSEC-2025-143: A flaw was found in FFmpeg's HLS playlist parsing

JLSEC-2026-468: JLSEC-2026-468

Mon, 23 Dec 2024 00:00:00 +0000

Security advisory JLSEC-2026-468: JLSEC-2026-468

JLSEC-2026-83: JLSEC-2026-83

Mon, 23 Dec 2024 00:00:00 +0000

Security advisory JLSEC-2026-83: JLSEC-2026-83

JLSEC-2026-413: When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could...

Wed, 11 Dec 2024 00:00:00 +0000

Security advisory JLSEC-2026-413: When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could...

JLSEC-2025-135: FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for a...

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-135: FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for a...

JLSEC-2025-138: FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-138: FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.

JLSEC-2025-137: FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an ...

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-137: FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an ...

JLSEC-2025-141: FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dspaltivec.c, static const vecs8 h_s...

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-141: FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dspaltivec.c, static const vecs8 h_s...

JLSEC-2025-136: In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vu...

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-136: In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vu...

JLSEC-2025-140: FFmpeg n6.1.1 is Integer Overflow

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-140: FFmpeg n6.1.1 is Integer Overflow

JLSEC-2025-139: An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers t...

Fri, 29 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-139: An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers t...

JLSEC-2026-119: Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...

Tue, 19 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-119: Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...

JLSEC-2026-279: Rclone has Improper Permission and Ownership Handling on Symlink Targets with –links and –metadata

Fri, 15 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-279: Rclone has Improper Permission and Ownership Handling on Symlink Targets with –links and –metadata

JLSEC-2026-48: JLSEC-2026-48

Thu, 14 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-48: JLSEC-2026-48

JLSEC-2026-47: JLSEC-2026-47

Thu, 14 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-47: JLSEC-2026-47

JLSEC-2026-50: JLSEC-2026-50

Thu, 14 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-50: JLSEC-2026-50

JLSEC-2026-49: JLSEC-2026-49

Thu, 14 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-49: JLSEC-2026-49

JLSEC-2026-251: Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed...

Wed, 13 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-251: Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed...

JLSEC-2025-166: gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflo...

Mon, 11 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2025-166: gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflo...

JLSEC-2026-419: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's...

Wed, 06 Nov 2024 00:00:00 +0000

Security advisory JLSEC-2026-419: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's...

JLSEC-2025-65: An issue was discovered in libexpat before 2.6.4

Sun, 27 Oct 2024 00:00:00 +0000

Security advisory JLSEC-2025-65: An issue was discovered in libexpat before 2.6.4

JLSEC-2026-254: Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values...

Wed, 16 Oct 2024 00:00:00 +0000

Security advisory JLSEC-2026-254: Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values...

JLSEC-2025-241: executefilterdelta in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-b...

Thu, 10 Oct 2024 00:00:00 +0000

Security advisory JLSEC-2025-241: executefilterdelta in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-b...

JLSEC-2025-240: executefilteraudio in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-b...

Thu, 10 Oct 2024 00:00:00 +0000

Security advisory JLSEC-2025-240: executefilteraudio in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-b...

JLSEC-2026-303: JLSEC-2026-303

Wed, 09 Oct 2024 00:00:00 +0000

Security advisory JLSEC-2026-303: JLSEC-2026-303

JLSEC-2026-188: JLSEC-2026-188

Wed, 18 Sep 2024 00:00:00 +0000

Security advisory JLSEC-2026-188: JLSEC-2026-188

JLSEC-2026-418: When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP...

Wed, 11 Sep 2024 00:00:00 +0000

Security advisory JLSEC-2026-418: When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP...

JLSEC-2025-226: An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected a...

Thu, 05 Sep 2024 00:00:00 +0000

Security advisory JLSEC-2025-226: An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected a...

JLSEC-2026-253: Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server...

Tue, 03 Sep 2024 00:00:00 +0000

Security advisory JLSEC-2026-253: Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server...

JLSEC-2025-62: An issue was discovered in libexpat before 2.6.3

Fri, 30 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-62: An issue was discovered in libexpat before 2.6.3

JLSEC-2025-64: An issue was discovered in libexpat before 2.6.3

Fri, 30 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-64: An issue was discovered in libexpat before 2.6.3

JLSEC-2025-63: An issue was discovered in libexpat before 2.6.3

Fri, 30 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-63: An issue was discovered in libexpat before 2.6.3

JLSEC-2025-134: A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5

Mon, 12 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-134: A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5

JLSEC-2025-316: A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`

Mon, 12 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-316: A null pointer dereference flaw was found in Libtiff via tif_dirinfo.c

JLSEC-2026-52: JLSEC-2026-52

Thu, 08 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2026-52: JLSEC-2026-52

JLSEC-2026-180: JLSEC-2026-180

Wed, 07 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2026-180: JLSEC-2026-180

JLSEC-2025-133: A vulnerability was found in FFmpeg up to 7.0.1

Tue, 06 Aug 2024 00:00:00 +0000

Security advisory JLSEC-2025-133: A vulnerability was found in FFmpeg up to 7.0.1

JLSEC-2025-38: libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Tim...

Wed, 31 Jul 2024 00:00:00 +0000

Security advisory JLSEC-2025-38: libcurl's ASN1 parser code has the GTime2str() function, used for parsing an ASN.1 Generalized Tim...

JLSEC-2025-37: libcurl's URL API function curlurlget() offers puny...

Wed, 24 Jul 2024 00:00:00 +0000

Security advisory JLSEC-2025-37: libcurl's URL API function curlurlget() offers puny...

JLSEC-2025-36: libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string

Wed, 24 Jul 2024 00:00:00 +0000

Security advisory JLSEC-2025-36: libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string

JLSEC-2026-187: JLSEC-2026-187

Fri, 19 Jul 2024 00:00:00 +0000

Security advisory JLSEC-2026-187: JLSEC-2026-187

JLSEC-2026-71: JLSEC-2026-71

Mon, 01 Jul 2024 00:00:00 +0000

Security advisory JLSEC-2026-71: JLSEC-2026-71

JLSEC-2026-93: JLSEC-2026-93

Fri, 28 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-93: JLSEC-2026-93

JLSEC-2026-94: JLSEC-2026-94

Fri, 28 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-94: JLSEC-2026-94

JLSEC-2026-252: Issue summary: Calling the OpenSSL API function SSLselectnext_proto with an empty supported...

Thu, 27 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-252: Issue summary: Calling the OpenSSL API function SSLselectnext_proto with an empty supported...

JLSEC-2026-84: JLSEC-2026-84

Fri, 21 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-84: JLSEC-2026-84

JLSEC-2026-120: JLSEC-2026-120

Sun, 16 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-120: JLSEC-2026-120

JLSEC-2026-122: JLSEC-2026-122

Wed, 05 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-122: JLSEC-2026-122

JLSEC-2026-377: JLSEC-2026-377

Mon, 03 Jun 2024 00:00:00 +0000

Security advisory JLSEC-2026-377: JLSEC-2026-377

JLSEC-2026-376: JLSEC-2026-376

Mon, 27 May 2024 00:00:00 +0000

Security advisory JLSEC-2026-376: JLSEC-2026-376

JLSEC-2026-250: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...

Thu, 16 May 2024 00:00:00 +0000

Security advisory JLSEC-2026-250: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...

JLSEC-2026-293: JLSEC-2026-293