Lucene search
+L

18 matches found

osv
osv
added 2026/04/27 6:33 p.m.14 views

JLSEC-2026-233 openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS7.1AI score0.04494EPSS
Exploits0References15
osv
osv
added 2024/07/03 5:16 p.m.6 views

CLSA-2024-1720026957 openssl: Fix of 2 CVEs

CVE-2023-0215: biondef: fix a UAF resulting from a bug in BIOnewNDEF - CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential use of computational resources...

7.5CVSS7AI score0.04494EPSS
Exploits0References1
amazon
amazon
added 2023/07/25 12:0 a.m.4 views

Important: openssl-snapsafe

Issue Overview: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number o...

7.5CVSS6.8AI score0.75116EPSS
Exploits0
redhat
redhat
added 2023/06/05 4:29 p.m.4 views

openssl: use-after-free following BIO_new_NDEF

A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References5
redhat
redhat
added 2023/05/09 9:50 a.m.5 views

openssl: use-after-free following BIO_new_NDEF

A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References5
redhat
redhat
added 2023/03/22 10:38 a.m.4 views

openssl: use-after-free following BIO_new_NDEF

A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References5
osv
osv
added 2023/03/04 11:4 a.m.4 views

OESA-2023-1135 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, C...

7.5CVSS8.7AI score0.59501EPSS
Exploits0References5
redhat
redhat
added 2023/02/28 8:22 a.m.5 views

openssl: use-after-free following BIO_new_NDEF

A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References5
osv
osv
added 2023/02/17 11:4 a.m.4 views

OESA-2023-1092 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL...

7.5CVSS8.7AI score0.59501EPSS
Exploits0References5
susecve
susecve
added 2023/02/15 3:22 a.m.6 views

SUSE CVE-2023-0215

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

5.9CVSS7.1AI score0.04494EPSS
Exploits0References90
mscve
mscve
added 2023/02/13 8:0 a.m.4 views

Use-after-free following BIO_new_NDEF

...

7.5CVSS7.5AI score0.04494EPSS
Exploits0
osv
osv
added 2023/02/10 10:51 a.m.8 views

CLSA-2023-1676026276 openssl: Fix of 2 CVEs

CVE-2023-0215: Fix a UAF resulting from a bug in BIOnewNDEF - CVE-2023-0286: Fix GENERALNAMEcmp for x400Address...

7.5CVSS7AI score0.59501EPSS
Exploits0References1
osv
osv
added 2023/02/10 10:45 a.m.7 views

CLSA-2023-1676025915 openssl: Fix of 2 CVEs

CVE-2023-0215: Fix a UAF resulting from a bug in BIOnewNDEF - CVE-2023-0286: Fix GENERALNAMEcmp for x400Address...

7.5CVSS6.9AI score0.59501EPSS
Exploits0References1
osv
osv
added 2023/02/10 10:39 a.m.8 views

CLSA-2023-1676025596 openssl: Fix of 2 CVEs

CVE-2023-0215: Fix a UAF resulting from a bug in BIOnewNDEF - CVE-2023-0286: Fix GENERALNAMEcmp for x400Address...

7.5CVSS7AI score0.59501EPSS
Exploits0References1
osv
osv
added 2023/02/08 8:15 p.m.4 views

AZL-13352 CVE-2023-0215 affecting package openssl for versions less than 1.1.1k-21

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References1
osv
osv
added 2023/02/08 8:15 p.m.15 views

AZL-13301 CVE-2023-0215 affecting package cloud-hypervisor for versions less than 30.0-2

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS6.6AI score0.04494EPSS
Exploits0References1
osv
osv
added 2023/02/07 12:0 a.m.10 views

UBUNTU-CVE-2023-0215

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS6.7AI score0.04494EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2022/11/29 12:0 a.m.14 views

PT-2022-6260

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified MySQL Server versions 5.7.41 and earlier, 8.0.32 and earlier Description The public API function BIO new NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally...

10CVSS7.8AI score0.96275EPSS
Exploits22References860
Rows per page
Query Builder