4 matches found
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-jdk14 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting...
openssl: Possible DoS translating ASN.1 object identifiers
A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...
SUSE-SU-2023:2470-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - Update to version 3.0.8 bsc1207541. - CVE-2022-40735: Fixed remote trigger of expensive server-side DHE modular-exponentiation with long exponents in Diffie-Hellman Key Agreement Protocol bsc1205476. - CVE-2023-1255: Fixed input buffer...
SUSE-SU-2023:2331-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers bsc1211430...