48 matches found
Astra Linux - уязвимость в openssl1.0
The X.509 GENERALNAME type is a generic type used to represent various types of names. One of these name types is known as EDIPARTYNAME. OpenSSL provides a function called GENERALNAMEcmp, which compares different instances of a GENERALNAME to determine whether they are equal. This function behave...
JLSEC-2026-234 Vulnerable OpenSSL included in cryptography wheels
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
CVE-2025-65494
CVE-2025-65494 affects libcoap (notably libcoap 4.3.5 and Fedora 4.3.5a packages). It stems from a NULL pointer dereference in get_san_or_cn_from_cert() inside src/coap_openssl.c, which can be triggered by a crafted X.509 certificate and may cause a denial of service. The vulnerability is reporte...
TencentOS Server 3: compat-openssl10 (TSSA-2025:0443)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0443 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Hitachi ABB AFS Double Free (CVE-2022-4450)
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This plugin only works wi...
RLSA-2025:7937 Important: compat-openssl11 security update
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
CVE-2023-0286 -X.400 address type confusion in X.509 GeneralName
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
nodejs: Certificate Verification Bypass via String Injection
It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
X.400 address type confusion in X.509 GeneralName
...