23265 matches found
GHSA-PHQJ-4MHP-Q6MQ vulnerabilities
Vulnerabilities for packages: sentry-cli, ztunnel-fips, rpm-sequoia, sdp-k8s-injector, sqlx, vector, guestproxyagent, valkey-ldap, komodo, typst, deno, rustup, sccache, bootc, rustls-openssl-client...
CVE-2026-45784 vulnerabilities
Vulnerabilities for packages: sentry-cli, ztunnel-fips, rpm-sequoia, sdp-k8s-injector, sqlx, vector, guestproxyagent, valkey-ldap, komodo, typst, deno, rustup, sccache, bootc, rustls-openssl-client...
RHSA-2026:19187 Red Hat Security Advisory: compat-openssl11 security update
Bulletin has no description...
RHSA-2026:19066 Red Hat Security Advisory: openssl security update
Bulletin has no description...
Astra Linux - vulnerability in php8.1, php7.3
The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...
Astra Linux - vulnerability in openssl1.0
The Raccoon attack exploits a flaw in the TLS specification, which allows an attacker to calculate the pre-master secret in connections that use a Diffie-Hellman DH-based ciphersuite. In such cases, the attacker can eavesdrop on all encrypted communications sent over that TLS connection. The atta...
Astra Linux - vulnerability in openssl
A security vulnerability has been identified in all supported versions of OpenSSL, related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use o...
Astra Linux - vulnerability in openssl, openssl1.0
ASN.1 strings are internally represented within OpenSSL as an ASN1_STRING structure, which contains a buffer for storing the string data and a field for storing the buffer length. This is different from regular C strings, which are represented as a buffer for the string data, terminated with a NUL...
Astra Linux - vulnerability in openssl1.0
Normally, in OpenSSL, EC groups always contain a co-factor, and this co-factor is used in code paths that resist side channels. However, in some cases, it is possible to create a group using explicit parameters instead of a named curve. In these cases, the group may not contain a co-factor. This...
Astra Linux - vulnerability in openssl1.0
Calls to the EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...
Astra Linux - vulnerability in php7.3
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23, and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt function and a 12-byte IV is provided, only the first 7 bytes of the IV are actually used. This can result in reduced security and incorrect encrypted data...
Astra Linux - vulnerability in openssl
Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DH_generate_key to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DH_check_pub_key,...
Astra Linux - vulnerability in openssl1.0
The X.509 GENERAL_NAME type is a generic type used to represent various types of names. One of these name types is known as EDIPARTYNAME. OpenSSL provides a function called GENERAL_NAME_cmp, which compares different instances of a GENERAL_NAME to determine whether they are equal. This function behave...
Astra Linux - vulnerability in openssl1.0
In situations where an attacker receives automated notifications of the success or failure of a decryption attempt, an attacker can recover the CMS/PKCS7 transport encryption key after sending a very large number of messages to be decrypted. They can also decrypt any RSA-encrypted message encrypt...
Astra Linux - vulnerability in openssl
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further instances where the c_rehash script fails to properly sanitize shell metacharacters to prevent command injection were discovered during code reviews. When CVE-2022-1292 was fixed, it wasn’t recognized that ther...
Astra Linux - vulnerability in openssl
The c_rehash script does not properly sanitize shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner that it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...
Astra Linux - vulnerability in openssl
There exists a timing-based side channel in the OpenSSL RSA Decryption implementation. This vulnerability could be sufficient for an attacker to recover plaintext across a network in a Bleichenbacher-style attack. To successfully decrypt data, an attacker would need to be able to send a very larg...
Astra Linux - vulnerability in openssl
AES OCB mode for 32-bit x86 platforms, using the AES-NI assembly-optimized implementation, may not encrypt all of the data under certain circumstances. This could reveal sixteen bytes of data that were already present in the memory but were not written. In the special case of “in-place” encryptio...
Astra Linux - vulnerability in openssl
Issue Summary: Processing a maliciously formatted PKCS12 file may cause OpenSSL to crash, leading to a potential Denial of Service attack. Impact Summary: Applications that load files in PKCS12 format from untrusted sources may terminate abruptly. A PKCS12 file can contain certificates and keys,...
Astra Linux - vulnerability in openssl
Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DH_check, DH_check_ex, or EVP_PKEY_param_check to check DH keys or parameters may experience prolonged delays. If the key or parameters are obtained from an untrusted source, this ca...