Certificate check bypass in openssl-src

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

Integer Overflow in openssl-src

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

OpenSSL: CA Certificate Check Bypass Vulnerability (CVE-2021-3450) - Windows

OpenSSL is prone to a CA certificate check bypass vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2021-3450

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

OpenSSL 信任管理问题漏洞

OpenSSL is an open source capable general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms , including symmetric ciphers , hash algorithms ,...

OpenSSL: Incorrect SSLv2 rollback protection (CVE-2021-23839) - Linux

OpenSSL is prone to an incorrect SSLv2 rollback protection vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...

OpenSSL: Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841) - Windows

OpenSSL is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

OpenSSL: Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841) - Linux

OpenSSL is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

UBUNTU-CVE-2021-23840

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

CVE-2021-23840 Integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...