Lucene search
+L

6 matches found

SUSE CVE
SUSE CVE
added 2024/09/04 3:30 a.m.1 views

SUSE CVE-2024-6119

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

5.9CVSS9.1AI score0.66582EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2024/07/08 4:22 p.m.40 views

CVE-2024-34702

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...

5.3CVSS5.7AI score0.00845EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.3 views

PT-2024-6609

Name of the Vulnerable Software and Affected Versions: Botan versions prior to 3.5.0 Botan versions prior to 2.19.5 Description: The issue is related to the processing of X.509 certificates in the Botan C++ cryptography library. Checking name constraints in these certificates is quadratic in the...

7.5CVSS6AI score0.00845EPSS
Exploits2References54
OSV
OSV
added 2023/03/24 10:1 p.m.10 views

GHSA-9QWG-CRG9-M2VC `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3EXTnconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin Google for reporting this issue...

7.3AI score
Exploits0References3
RustSec
RustSec
added 2023/03/24 12:0 p.m.37 views

`openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3EXTnconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin Google for reporting this issue...

6.9AI score
Exploits0Affected Software1
OSV
OSV
added 2023/03/24 12:0 p.m.30 views

RUSTSEC-2023-0023 `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3EXTnconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin Google for reporting this issue...

7.2AI score
Exploits0References3
Rows per page
Query Builder