30 matches found
K83823933: OpenSSL Vulnerability CVE-2021-4044
Security Advisory Description Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by...
CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl
A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. X509verifycert fuunction may return a negative return value to indicate an internal error for example, out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO function such...
CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl
Security Advisory ID : BSA-2022-1661 Component : OpenSSL Revision : 1.0 A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. X509verifycert fuunction may return a negative return value to indicate an internal error for example, out of memory. Such a negative...
Internet Bug Bounty: Invalid handling of X509_verify_cert() internal errors in libssl (CVE-2021-4044)
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. An internal error was not correctly validated causing application crashes or invalid application behavior...
OpenSSL: Invalid handling of X509_verify_cert() internal errors (20211214) - Linux
OpenSSL is prone to an invalid handling of X509verifycert internal errors vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Thi...
OpenSSL: Invalid handling of X509_verify_cert() internal errors (20211214) - Windows
OpenSSL is prone to an invalid handling of X509verifycert internal errors vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Thi...
Denial Of Service (DoS)
openssl3:edge is vulnerable to denial of service. Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return val...
Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
GHSA-MMJF-F5JW-W72Q Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
OpenSSL 3.0.0 < 3.0.1 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.1 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the...
CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
OpenSSL OpenSSL libssl vulnerability CVE-2021-4044 arises when X509_verify_cert() returns a negative internal error (e.g., OOM). OpenSSL mishandles this, causing SSL_connect/SSL_do_handshake to not signal success and SSL_get_error() to return SSL_ERROR_WANT_RETRY_VERIFY, which is unexpected for m...
CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
RUSTSEC-2021-0129 Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
Vulnerability in OpenSSL - Invalid handling of X509_verify_cert() internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...