Lucene search
K

170 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.36 views

SUSE SLES15: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2023:2331-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2331-1 advisory. - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers bsc1211430. Tenable has extracted the...

6.5CVSS6.7AI score0.73461EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.26 views

SUSE SLES12: libopenssl-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2023:2332-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:2332-1 advisory. - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers bsc1211430. Tenable has extracted the preceding description bloc...

6.5CVSS6.7AI score0.73461EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.39 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:2328-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2328-1 advisory. - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers bsc1211430. Tenable has extracted the preceding...

6.5CVSS6.7AI score0.73461EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.18 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2023:2330-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2330-1 advisory. - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers bsc1211430. Tenable has extracted the preceding...

6.5CVSS6.7AI score0.73461EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.41 views

Debian DSA-5417-1 : openssl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5417 advisory. - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy...

7.5CVSS6.5AI score0.73461EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2023/05/30 3:11 p.m.220 views

CVE-2023-2650

A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...

6.5CVSS6.6AI score0.73461EPSS
Exploits0References4
NVD
NVD
added 2023/05/30 2:15 p.m.20 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS7AI score0.73461EPSS
Exploits0References12
OSV
OSV
added 2023/05/30 2:15 p.m.5 views

AZL-37674 CVE-2023-2650 affecting package hvloader for versions less than 1.0.1-9

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.6AI score0.73461EPSS
Exploits0References1
OSV
OSV
added 2023/05/30 2:15 p.m.6 views

AZL-34667 CVE-2023-2650 affecting package edk2 for versions less than 20230301gitf80f052277c8-37

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.6AI score0.73461EPSS
Exploits0References1
OSV
OSV
added 2023/05/30 2:15 p.m.6 views

ALPINE-CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.6AI score0.73461EPSS
Exploits0References1
Prion
Prion
added 2023/05/30 2:15 p.m.42 views

Authentication flaw

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

4.3CVSS6.8AI score0.73461EPSS
Exploits0References12Affected Software2
Cvelist
Cvelist
added 2023/05/30 1:40 p.m.36 views

CVE-2023-2650 Possible DoS translating ASN.1 object identifiers

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.9AI score0.73461EPSS
Exploits0References12
CVE
CVE
added 2023/05/30 1:40 p.m.867 views

CVE-2023-2650

CVE-2023-2650 describes a potential Denial of Service caused by extremely slow translation of large ASN.1 OBJECT IDENTIFIERs via OBJ_obj2txt(), affecting OpenSSL-based workflows and related subsystems. Connected docs confirm multiple vendors reference this issue and link patches or updated packag...

6.5CVSS7AI score0.73461EPSS
Exploits0References12Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 1:40 p.m.4 views

CVE-2023-2650 Possible DoS translating ASN.1 object identifiers

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.9AI score0.73461EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2023/05/30 1:40 p.m.210 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.5AI score0.73461EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/05/30 12:0 a.m.117 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.7AI score0.73461EPSS
Exploits0References6
OpenSSL
OpenSSL
added 2023/05/30 12:0 a.m.62 views

Vulnerability in OpenSSL - Possible DoS translating ASN.1 object identifiers

Issue summary : Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary : Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.9AI score0.73461EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.23 views

Slackware Linux 15.0 / current openssl Vulnerability (SSA:2023-150-01)

The version of openssl installed on the remote host is prior to 1.1.1u / 3.1.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-150-01 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact...

6.5CVSS6.9AI score0.73461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.73 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : OpenSSL vulnerabilities (USN-6119-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6119-1 advisory. Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possib...

6.5CVSS7.1AI score0.73461EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-7159

The silcasn1encoder function in lib/silcasn1/silcasn1encode.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string...

5.8CVSS7.9AI score0.03424EPSS
Exploits0References4
Rows per page
Query Builder