Lucene search
K

9 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.11 views

JLSEC-2026-223 openssl-src NULL pointer Dereference in signature_algorithms processing

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

5.9CVSS6.8AI score0.62906EPSS
Exploits3References35
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.8 views

SUSE CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

7.5CVSS7.1AI score0.62906EPSS
Exploits3References81
Broadcom
Broadcom
added 2021/05/10 12:0 a.m.11 views

BSA-2020-948

Security Advisory ID : BSA-2020-948 Component : OpenSSL Revision : 1.0 Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extensio...

7.5CVSS6.8AI score0.53336EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2021/04/14 3:59 p.m.5 views

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

5.9CVSS7.1AI score0.62906EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2021/04/14 3:56 p.m.3 views

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

5.9CVSS7.1AI score0.62906EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2021/04/14 11:42 a.m.2 views

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

5.9CVSS7.1AI score0.62906EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2020/06/22 12:0 a.m.6 views

The vulnerability of the SSL_check_chain function in the TLS protocol implementation of the OpenSSL library involves the possibility of reassigning the null pointer due to incorrect processing of the “signature_algorithms_cert” extension in TLS. This allows a perpetrator to cause a service failure.

The vulnerability of the SSLcheckchain function in the TLS protocol implementation of the OpenSSL library is related to the possibility of replacing the zero pointer due to incorrect processing of the “signaturealgorithmscert” extension in TLS. Exploiting this vulnerability can allow a malicious...

7.5CVSS6.4AI score0.53336EPSS
Exploits2References22Affected Software10
OSV
OSV
added 2020/04/21 2:15 p.m.5 views

DEBIAN-CVE-2020-1967

Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...

7.5CVSS6.2AI score0.53336EPSS
Exploits2References1
OSV
OSV
added 2020/04/21 2:15 p.m.6 views

ALPINE-CVE-2020-1967

Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...

7.5CVSS6.7AI score0.53336EPSS
Exploits2References1
Rows per page
Query Builder