Lucene search
K

8 matches found

OSV
OSV
added 2024/03/06 11:5 a.m.27 views

BIT-NODE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.5AI score0.18339EPSS
Exploits1References25
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.5 views

SUSE CVE-2021-3450

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.2AI score0.18339EPSS
Exploits1References13
Github Security Blog
Github Security Blog
added 2021/08/25 8:54 p.m.50 views

Certificate check bypass in openssl-src

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.6AI score0.18339EPSS
Exploits1References27Affected Software1
OSV
OSV
added 2021/08/25 8:54 p.m.50 views

GHSA-8HFJ-XRJ2-PM22 Certificate check bypass in openssl-src

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.5AI score0.18339EPSS
Exploits1References27
OpenVAS
OpenVAS
added 2021/03/26 12:0 a.m.20 views

OpenSSL: CA Certificate Check Bypass Vulnerability (CVE-2021-3450) - Windows

OpenSSL is prone to a CA certificate check bypass vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.4CVSS7.7AI score0.18339EPSS
Exploits1References1
OSV
OSV
added 2021/03/25 3:15 p.m.26 views

CVE-2021-3450

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS6.7AI score
Exploits0References24
CNNVD
CNNVD
added 2021/03/25 12:0 a.m.5 views

OpenSSL 信任管理问题漏洞

OpenSSL is an open source capable general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms , including symmetric ciphers , hash algorithms ,...

7.4CVSS8.5AI score0.62906EPSS
Exploits4References105
Positive Technologies
Positive Technologies
added 2021/03/25 12:0 a.m.10 views

PT-2021-2477 · Openssl +6 · Openssl +6

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.1.1h through 1.1.1j Description: The issue is related to an error in the implementation of a check for certificates in a chain that have explicitly encoded elliptic curve parameters when the X509 V FLAG X509 STRICT flag is...

10CVSS6.3AI score0.99999EPSS
Exploits204References708
Rows per page
Query Builder