VDB
JLSEC-2026-252
JLSEC-2026-252
PUBLISHED
CVSS 9.100000381469727 CRITICAL
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported...
Risk Scores
CVSS v3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenSSL_jll | 0, 0 |
| Julia | Openresty_jll | 0, 0 |
Timeline
- Apr 27, 2026 CVE Published
- Apr 27, 2026 CVE Updated
References
- http://www.openwall.com/lists/oss-security/2024/06/27/1 url
- http://www.openwall.com/lists/oss-security/2024/06/28/4 url
- http://www.openwall.com/lists/oss-security/2024/08/15/1 url
- https://github.com/advisories/GHSA-4fc7-mvrr-wv2c url
- https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37 url
- https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e url
- https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c url
- https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c url
- https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c url
- https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 url
- https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html url
- https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html url
- https://nvd.nist.gov/vuln/detail/CVE-2024-5535 url
- https://security.netapp.com/advisory/ntap-20240712-0005 url
- https://security.netapp.com/advisory/ntap-20240712-0005/ url
- https://security.netapp.com/advisory/ntap-20241025-0006 url
- https://security.netapp.com/advisory/ntap-20241025-0006/ url
- https://security.netapp.com/advisory/ntap-20241025-0010 url
- https://security.netapp.com/advisory/ntap-20241025-0010/ url
- https://www.openssl.org/news/secadv/20240627.txt url