Lucene search
K

197 matches found

SUSE CVE
SUSE CVE
added 2023/06/20 1:13 a.m.3 views

SUSE CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

9.8CVSS9.3AI score0.00948EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/16 8:15 p.m.2 views

CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

9.8CVSS5.3AI score0.00948EPSS
Exploits0References8
NVD
NVD
added 2023/06/16 8:15 p.m.22 views

CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

9.8CVSS9.6AI score0.00948EPSS
Exploits0References5
OSV
OSV
added 2023/06/16 8:15 p.m.19 views

CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

9.8CVSS7.2AI score
Exploits0References5
Prion
Prion
added 2023/06/16 8:15 p.m.207 views

Double free

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

7.5CVSS9.4AI score0.00948EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2023/06/16 12:0 a.m.15 views

CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

7AI score0.00948EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/06/16 12:0 a.m.26 views

CVE-2023-35784

A double free or use after free could occur after SSLclear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected...

9.8AI score0.00948EPSS
Exploits0References5
CVE
CVE
added 2023/06/16 12:0 a.m.386 views

CVE-2023-35784

Concretely affected software and fixes: OpenBSD 7.2 before errata 026 and OpenBSD 7.3 before errata 004 are vulnerable due to a double free or use-after-free after SSL_clear; LibreSSL is vulnerable before 3.6.3 and before 3.7.3 in the 3.7.x line. Remediation is to apply the respective OpenBSD err...

9.8CVSS9.4AI score0.00948EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologies
added 2023/06/16 12:0 a.m.9 views

PT-2023-25312 · Openbsd +2 · Openbsd +2

Name of the Vulnerable Software and Affected Versions: OpenBSD versions 7.2 before errata 026 OpenBSD versions 7.3 before errata 004 LibreSSL versions prior to 3.6.3 LibreSSL versions 3.7.x prior to 3.7.3 Description: A double free or use after free could occur after SSL clear. This issue does no...

9.8CVSS6.8AI score0.59501EPSS
Exploits1References26
SUSE CVE
SUSE CVE
added 2023/04/18 1:47 a.m.2 views

SUSE CVE-2021-46880

x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...

9.8CVSS9.5AI score0.00568EPSS
Exploits0References3
OSV
OSV
added 2023/04/15 12:15 a.m.14 views

CVE-2021-46880

x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...

9.8CVSS9.9AI score
Exploits0References4
CNNVD
CNNVD
added 2023/04/15 12:0 a.m.4 views

LibreSSL 信任管理问题漏洞

LibreSSL is an open source implementation of a secure socket layer and transport layer security protocol. A security vulnerability exists in LibreSSL versions prior to 3.4.2, which stems from an error that sometimes drops unvalidated certificate chains, and an authentication bypass...

9.8CVSS8.3AI score0.00568EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/04/14 1:52 a.m.3 views

SUSE CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

5.3CVSS9.2AI score0.00362EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/14 12:0 a.m.20 views

CVE-2021-46880

x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...

9.9AI score0.00568EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/04/14 12:0 a.m.7 views

CVE-2021-46880

x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...

7.2AI score0.00568EPSS
Exploits0References4
CVE
CVE
added 2023/04/14 12:0 a.m.75 views

CVE-2021-46880

The CVE-2021-46880 issue affects LibreSSL before 3.4.2 and OpenBSD before 7.0 errata 006, where an error for an unverified certificate chain is sometimes discarded during x509_verify.c processing, allowing authentication bypass. This is documented as a high-impact vulnerability with CVSS 3.1 vect...

9.8CVSS9.6AI score0.00568EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2023/04/14 12:0 a.m.11 views

PT-2023-12600 · Openbsd +1 · Openbsd +2

Name of the Vulnerable Software and Affected Versions: LibreSSL versions prior to 3.4.2 OpenBSD versions prior to 7.0 errata 006 Description: The issue allows authentication bypass due to an error for an unverified certificate chain sometimes being discarded in the x509 verify.c file. This occurs...

9.8CVSS6.9AI score0.59501EPSS
Exploits1References25
NVD
NVD
added 2023/04/12 5:15 a.m.27 views

CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

5.3CVSS5.2AI score0.00362EPSS
Exploits0References3
OSV
OSV
added 2023/04/12 5:15 a.m.17 views

CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

5.3CVSS5.5AI score
Exploits0References3
Prion
Prion
added 2023/04/12 5:15 a.m.28 views

Code injection

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

5CVSS5.3AI score0.00362EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder