Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.37 views

OpenSSL 3.6.0 < 3.6.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.3 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.3AI score0.02719EPSS
Exploits0References53
OSV
OSV
added 2021/06/01 9:17 p.m.13 views

GHSA-X5H4-9GQW-942J Improper Verification of Cryptographic Signature in aws-encryption-sdk

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

7.2AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/06/01 9:17 p.m.45 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-java

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This update addresses an issue where certain invalid ECDSA signatures incorrectly passed validation. These signatures provide defense in depth...

5.3CVSS5.7AI score0.0021EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/06/01 9:17 p.m.17 views

GHSA-55XH-53M6-936R Improper Verification of Cryptographic Signature in aws-encryption-sdk-java

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This update addresses an issue where certain invalid ECDSA signatures incorrectly passed validation. These signatures provide defense in depth...

6.9CVSS5.9AI score0.0021EPSS
Exploits0References4
Rows per page
Query Builder