Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/24 12:0 a.m.20 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:0482-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0482-1 advisory. - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralName via livepatch bsc1207533. Tenable has extracted the preceding...

7.4CVSS7.1AI score0.59501EPSS
Exploits0References4
Prion
Prion
added 2023/02/08 8:15 p.m.40 views

Type confusion

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

4CVSS7.6AI score0.59501EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2023/02/08 7:1 p.m.107 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.3AI score0.59501EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/02/08 7:1 p.m.532 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.8AI score0.59501EPSS
Exploits0
OSV
OSV
added 2023/02/07 12:0 p.m.45 views

RUSTSEC-2023-0006 X.400 address type confusion in X.509 `GeneralName`

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.6AI score0.59501EPSS
Exploits0References3
RustSec
RustSec
added 2023/02/07 12:0 p.m.105 views

X.400 address type confusion in X.509 `GeneralName`

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.7AI score0.59501EPSS
Exploits0Affected Software1
OpenSSL
OpenSSL
added 2023/02/07 12:0 a.m.141 views

Vulnerability in OpenSSL - X.400 address type confusion in X.509 GeneralName

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.8AI score0.59501EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2023/02/07 12:0 a.m.54 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7AI score0.59501EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/10/16 12:0 a.m.42 views

GLSA-202210-02 : OpenSSL: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-02 OpenSSL: Multiple Vulnerabilities - The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman DH...

10CVSS7.9AI score0.87816EPSS
Exploits8References15
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.50 views

EulerOS Virtualization 2.9.0 : openssl (EulerOS-SA-2021-2770)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an...

9.8CVSS7.3AI score0.87816EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.304 views

F5 Networks BIG-IP : OpenSSL vulnerability (K19559038)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K19559038 advisory. ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the...

7.4CVSS7AI score0.50445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/03 12:0 a.m.49 views

Debian DLA-2774-1 : openssl1.0 - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2774 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length...

7.4CVSS7AI score0.50445EPSS
Exploits0References5
Veracode
Veracode
added 2021/08/25 12:41 p.m.254 views

Denial Of Service

openssl is vulnerable to denial of service. The vulnerability exists due to the system constructing valid ASN1STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1STRING array...

7.4CVSS2.9AI score0.50445EPSS
Exploits0References30Affected Software23
OSV
OSV
added 2021/08/24 3:15 p.m.3 views

ALPINE-CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS6.8AI score0.50445EPSS
Exploits0References1
NVD
NVD
added 2021/08/24 3:15 p.m.18 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS0.50445EPSS
Exploits0References25
Debian CVE
Debian CVE
added 2021/08/24 2:50 p.m.71 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS7.1AI score0.50445EPSS
Exploits0
OSV
OSV
added 2021/08/24 12:0 a.m.3 views

UBUNTU-CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS6.9AI score0.50445EPSS
Exploits0References9
Rows per page
Query Builder