
29 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 5 views

Astra Linux - vulnerability in openssl1.0

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to generate a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to properly handle any errors that may occur during the parsing of the issuer field—errors that could...

5.9 CVSS · 6.8 AI score · 0.07471 EPSS
Exploits 0 · References 2
OSV
added 2026/04/27 6:33 p.m. · 8 views

JLSEC-2026-222 Integer Overflow in openssl-src

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

5.9 CVSS · 6.3 AI score · 0.07471 EPSS
Exploits 0 · References 30
Tenable Nessus
added 2025/03/04 12:0 a.m. · 12 views

Linux Distros Unpatched Vulnerability : CVE-2021-23840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the...

7.5 CVSS · 6.7 AI score · 0.50732 EPSS
Exploits 0 · References 3
OSV
added 2024/03/06 11:5 a.m. · 29 views

BIT-NODE-2021-23840 Integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5 CVSS · 7.5 AI score · 0.50732 EPSS
Exploits 0 · References 21
SUSE CVE
added 2023/02/15 3:49 a.m. · 4 views

SUSE CVE-2021-3450

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4 CVSS · 7.2 AI score · 0.18339 EPSS
Exploits 1 · References 13
SUSE CVE
added 2023/02/15 3:45 a.m. · 2 views

SUSE CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

6.5 CVSS · 9.6 AI score · 0.50732 EPSS
Exploits 0 · References 139
OSV
added 2022/05/24 7:12 p.m. · 37 views

GHSA-Q9WJ-F4QW-6VFJ Read buffer overruns processing ASN.1 strings

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte...

7.4 CVSS · 7.9 AI score · 0.50445 EPSS
Exploits 0 · References 31
Tenable Nessus
added 2022/05/10 12:0 a.m. · 49 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0017)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is clo...

7.5 CVSS · 6.5 AI score · 0.50732 EPSS
Exploits 0 · References 5
Github Security Blog
added 2021/08/25 8:54 p.m. · 49 views

Certificate check bypass in openssl-src

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4 CVSS · 7.6 AI score · 0.18339 EPSS
Exploits 1 · References 27 · Affected Software 1
OSV
added 2021/08/25 8:54 p.m. · 49 views

GHSA-8HFJ-XRJ2-PM22 Certificate check bypass in openssl-src

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4 CVSS · 7.5 AI score · 0.18339 EPSS
Exploits 1 · References 27
Github Security Blog
added 2021/08/25 8:52 p.m. · 46 views

Integer Overflow in openssl-src

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

5.9 CVSS · 7.2 AI score · 0.07471 EPSS
Exploits 0 · References 27 · Affected Software 1
Tenable Nessus
added 2021/07/01 12:0 a.m. · 33 views

EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2021-2032)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial...

7.5 CVSS · 6.5 AI score · 0.50732 EPSS
Exploits 0 · References 3
OpenVAS
added 2021/03/26 12:0 a.m. · 19 views

OpenSSL: CA Certificate Check Bypass Vulnerability (CVE-2021-3450) - Windows

OpenSSL is prone to a CA certificate check bypass vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.4 CVSS · 7.7 AI score · 0.18339 EPSS
Exploits 1 · References 1
OSV
added 2021/03/25 3:15 p.m. · 26 views

CVE-2021-3450

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4 CVSS · 6.7 AI score
Exploits 0 · References 24
Positive Technologies
added 2021/03/25 12:0 a.m. · 9 views

PT-2021-2477 · Openssl +6

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.1.1h through 1.1.1j Description: The issue is related to an error in the implementation of a check for certificates in a chain that have explicitly encoded elliptic curve parameters when the X509_V_FLAG_X509_STRICT flag is...

10 CVSS · 6.3 AI score · 0.99999 EPSS
Exploits 203 · References 708
CNNVD
added 2021/03/25 12:0 a.m. · 4 views

OpenSSL Trust Management Issue Vulnerability

OpenSSL is an open source capable general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms, including symmetric ciphers, hash algorithms,...

7.4 CVSS · 8.5 AI score · 0.62906 EPSS
Exploits 4 · References 105
Tenable Nessus
added 2021/03/23 12:0 a.m. · 33 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenSSL vulnerabilities (USN-4738-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4738-1 advisory. Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly...

7.5 CVSS · 6.6 AI score · 0.50732 EPSS
Exploits 0 · References 3
Amazon
added 2021/03/20 12:0 a.m. · 90 views

Medium: openssl11

Issue Overview: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1...

7.5 CVSS · 7.4 AI score · 0.50732 EPSS
Exploits 0
Tenable Nessus
added 2021/03/19 12:0 a.m. · 118 views

Tenable Nessus Agent < 8.2.3 Multiple Vulnerabilities (TNS-2021-04)

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token. Additionally, one third-part...

7.5 CVSS · 6.6 AI score · 0.50732 EPSS
Exploits 0 · References 4
OpenVAS
added 2021/02/17 12:0 a.m. · 25 views

OpenSSL: Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841) - Linux

OpenSSL is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

5.9 CVSS · 6.9 AI score · 0.07471 EPSS
Exploits 0 · References 1