Lucene search
K

115 matches found

OSV
OSV
added 2024/05/27 1:27 p.m.7 views

SUSE-SU-2024:1789-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating bsc1224388...

5.3CVSS6.8AI score0.01131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/17 2:56 a.m.1 views

SUSE CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS8.1AI score0.01131EPSS
Exploits0References8
OSV
OSV
added 2024/05/16 4:15 p.m.6 views

AZL-42049 CVE-2024-4603 affecting package openssl for versions less than 3.3.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.5 views

AZL-78534 CVE-2024-4603 affecting package openssl-fips-provider 3.1.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.4 views

DEBIAN-CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.7AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.4 views

ALPINE-CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.9AI score0.01131EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.3 views

OpenSSL 安全漏洞

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a wide range of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

5.3CVSS6.9AI score0.01131EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/03/26 3:58 p.m.19 views

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

7.3CVSS7.3AI score0.00541EPSS
Exploits2References3
CVE
CVE
added 2024/03/26 3:58 p.m.95 views

CVE-2024-2212

Summary: CVE-2024-2212 affects Eclipse ThreadX prior to 6.4.0 due to missing parameter checks in the FreeRTOS compatibility API functions xQueueCreate() and xQueueCreateSet() (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c). This can cause integer wraparound, under-allocations, and heap...

7.8CVSS7.3AI score0.00541EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2024/03/26 3:58 p.m.6 views

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

7.3CVSS6.1AI score0.00541EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.4 views

PT-2024-2446 · Microsoft +1 · Azure-C-Shared-Utility +1

Name of the Vulnerable Software and Affected Versions: azure-c-shared-utility affected versions not specified Description: The azure-c-shared-utility library has a vulnerability related to the parameter checking mechanism, which can cause an integer wraparound, under-allocation, or heap buffer...

6.4CVSS7.8AI score0.04967EPSS
Exploits0References15
Ubuntu
Ubuntu
added 2024/03/21 4:53 p.m.399 views

USN-6709-1: OpenSSL vulnerabilities

It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. CVE-2023-3446 After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large q...

5.5CVSS6.6AI score0.05533EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/03/19 5:30 p.m.7 views

openssl: Excessive time spent checking DH keys and parameters

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.8AI score0.05533EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-3016)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck,...

5.3CVSS6.6AI score0.05533EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.32 views

EulerOS Virtualization 2.9.1 : shim (EulerOS-SA-2023-3095)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate...

7.5CVSS6.3AI score0.05533EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/12/14 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3382)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.4AI score0.02577EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/12/07 1:55 p.m.4 views

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/07 1:53 p.m.5 views

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/07 12:37 p.m.7 views

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/07 12:21 p.m.4 views

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References5
Rows per page
Query Builder