Lucene search

K
osvGoogleOSV:USN-5051-1
HistoryAug 24, 2021 - 3:26 p.m.

openssl vulnerabilities

2021-08-2415:26:39
Google
osv.dev
5

AI Score

7.8

Confidence

High

EPSS

0.068

Percentile

93.9%

John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2
data. A remote attacker could use this issue to cause applications using
OpenSSL to crash, resulting in a denial of service, or possibly change
application behaviour. (CVE-2021-3711)

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)