Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240522-04
HistoryMay 22, 2024 - 12:00 a.m.

ROS-20240522-04

2024-05-2200:00:00
redos.red-soft.ru
5
openssl
cryptographic library
vulnerability
ssl_op_no_ticket
session cache
denial of service
attack
unix

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

Vulnerability of OpenSSL cryptographic library is related to the use of non-standard option
SSL_OP_NO_TICKET option, in which case the session cache continues to grow indefinitely. Exploiting the vulnerability could
Allow an attacker acting remotely to cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64openssl3<= 3.2.1-2UNKNOWN

Related

cvelist 1
nessus 17
openvas 12
nvd 1
freebsd 1
redhatcve 1
cve 1
ubuntucve 1
openssl 1
mageia 1
osv 1
cgr 1
cbl_mariner 2
debiancve 1
alpinelinux 1
amazon 2
veracode 1
wolfi 1
photon 2
cvelist
cvelist
CVE-2024-2511 Unbounded memory growth with session handling in TLSv1.3
2024-04-08 13:51:12
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:1634-1)
2024-05-15 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2024:1808-1)
2024-05-30 00:00:00
SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2024:1949-1)
2024-06-08 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1633-1)
2024-05-14 00:00:00
openSUSE: Security Advisory for openssl (SUSE-SU-2024:1808-1)
2024-06-05 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1821)
2024-06-25 00:00:00
nvd
nvd
CVE-2024-2511
2024-04-08 14:15:07
freebsd
freebsd
OpenSSL -- Unbounded memory growth with session handling in TLSv1.3
2024-04-08 00:00:00
redhatcve
redhatcve
CVE-2024-2511
2024-04-09 06:58:20
cve
cve
CVE-2024-2511
2024-04-08 14:15:07
ubuntucve
ubuntucve
CVE-2024-2511
2024-04-08 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2024-2511
2024-04-08 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2024-04-13 19:56:38
osv
osv
CVE-2024-2511
2024-04-08 14:15:07
cgr
cgr
CVE-2024-2511 vulnerabilities
2024-05-19 03:07:16
cbl_mariner
cbl_mariner
CVE-2024-2511 affecting package openssl for versions less than 3.3.0-1
2024-05-17 21:38:35
CVE-2024-2511 affecting package nodejs for versions less than 20.14.0-1
2024-06-21 09:32:44
debiancve
debiancve
CVE-2024-2511
2024-04-08 14:15:07
alpinelinux
alpinelinux
CVE-2024-2511
2024-04-08 14:15:07
amazon
amazon
Medium: edk2
2024-05-09 19:16:00
Medium: openssl11
2024-06-06 20:17:00
veracode
veracode
Denial Of Service (DoS)
2024-04-10 19:50:39
wolfi
wolfi
CVE-2024-2511 vulnerabilities
2024-06-25 15:33:25
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0243
2024-04-11 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0592
2024-04-17 00:00:00

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON
Related for ROS-20240522-04
cvelist1nessus17openvas12nvd1freebsd1redhatcve1cve1ubuntucve1openssl1mageia1osv1cgr1cbl_mariner2debiancve1alpinelinux1amazon2veracode1wolfi1photon2