Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MatrixsslMatrixssl

3 matches found

CVE
CVEadded 2018/01/22 11:29 p.m.46 views

CVE-2017-1000417

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

5.3CVSS5.3AI score0.00149EPSS
CVE
CVEadded 2018/06/15 2:29 a.m.40 views

CVE-2018-12439

MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

4.7CVSS4.5AI score0.00058EPSS
CVE
CVEadded 2018/01/09 8:29 p.m.38 views

CVE-2017-1000415

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years.

5.9CVSS5.7AI score0.00107EPSS