197 matches found
SUSE CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
Double free
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...
CVE-2023-35784
Concretely affected software and fixes: OpenBSD 7.2 before errata 026 and OpenBSD 7.3 before errata 004 are vulnerable due to a double free or use-after-free after SSL_clear; LibreSSL is vulnerable before 3.6.3 and before 3.7.3 in the 3.7.x line. Remediation is to apply the respective OpenBSD err...
PT-2023-25312 · Openbsd +2 · Openbsd +2
Name of the Vulnerable Software and Affected Versions: OpenBSD versions 7.2 before errata 026 OpenBSD versions 7.3 before errata 004 LibreSSL versions prior to 3.6.3 LibreSSL versions 3.7.x prior to 3.7.3 Description: A double free or use after free could occur after SSL clear. This issue does no...
SUSE CVE-2021-46880
x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...
CVE-2021-46880
x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...
LibreSSL 信任管理问题漏洞
LibreSSL is an open source implementation of a secure socket layer and transport layer security protocol. A security vulnerability exists in LibreSSL versions prior to 3.4.2, which stems from an error that sometimes drops unvalidated certificate chains, and an authentication bypass...
SUSE CVE-2022-48437
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...
CVE-2021-46880
x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...
CVE-2021-46880
x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...
CVE-2021-46880
The CVE-2021-46880 issue affects LibreSSL before 3.4.2 and OpenBSD before 7.0 errata 006, where an error for an unverified certificate chain is sometimes discarded during x509_verify.c processing, allowing authentication bypass. This is documented as a high-impact vulnerability with CVSS 3.1 vect...
PT-2023-12600 · Openbsd +1 · Openbsd +2
Name of the Vulnerable Software and Affected Versions: LibreSSL versions prior to 3.4.2 OpenBSD versions prior to 7.0 errata 006 Description: The issue allows authentication bypass due to an error for an unverified certificate chain sometimes being discarded in the x509 verify.c file. This occurs...
CVE-2022-48437
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...
CVE-2022-48437
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...
Code injection
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...