Lucene search
K
OpenbsdLibressl

12 matches found

CVE
CVE
added 2023/06/16 12:0 a.m.388 views

CVE-2023-35784

Concretely affected software and fixes: OpenBSD 7.2 before errata 026 and OpenBSD 7.3 before errata 004 are vulnerable due to a double free or use-after-free after SSL_clear; LibreSSL is vulnerable before 3.6.3 and before 3.7.3 in the 3.7.x line. Remediation is to apply the respective OpenBSD err...

9.8CVSS9.4AI score0.00948EPSS
CVE
CVE
added 2020/01/23 7:56 p.m.140 views

CVE-2015-5334

CVE-2015-5334 is described in CNVD as an off-by-one buffer overflow in LibreSSL’s OBJ_obj2txt() that can be triggered by a crafted X.509 certificate, potentially causing a denial of service or remote code execution. The flaw is attributed to an incorrect fix for CVE-2014-3508. The initial CVE ent...

9.8CVSS7AI score0.03489EPSS
CVE
CVE
added 2020/01/23 8:12 p.m.106 views

CVE-2015-5333

CVE-2015-5333 affects LibreSSL prior to 2.3.1. A memory leak in OBJ_obj2txt can be triggered by a large number of ASN.1 object identifiers in X.509 certificates, enabling a remote attacker to cause denial of service via memory consumption. Public sources in the connected documents consistently de...

7.5CVSS7.9AI score0.01978EPSS
CVE
CVE
added 2023/04/12 12:0 a.m.81 views

CVE-2022-48437

CVE-2022-48437 affects LibreSSL prior to 3.6.1 and OpenBSD prior to 7.2 with errata 001. The issue is in x509/x509_verify.c where x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, causing an incorrect error to be returned when a verification callback...

5.3CVSS5.2AI score0.00362EPSS
CVE
CVE
added 2017/04/27 5:0 p.m.80 views

CVE-2017-8301

CVE-2017-8301 affects LibreSSL 2.5.1–2.5.3 and describes a TLS certificate verification weakness that can occur when relying on SSL_get_verify_result for a later check and a user-provided verification callback returns 1, demonstrated by nginx accepting invalid certificates. The core issue is insu...

5.3CVSS5.2AI score0.01021EPSS
CVE
CVE
added 2021/07/01 2:53 a.m.78 views

CVE-2019-25049

LibreSSL 2.9.1–3.2.1 contains an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx). Affected component: LibreSSL’s ASN.1 printing code. Root cause: out-of-bounds read within asn1_item_print_ctx. Impact is described in the CVSS vectors: Confidentiality Impact Partial,...

7.1CVSS6.8AI score0.00878EPSS
CVE
CVE
added 2021/07/01 2:53 a.m.77 views

CVE-2019-25048

Mode C: CVE-2019-25048 affects LibreSSL versions 2.9.1–3.2.1. The vulnerability is a heap-based buffer over-read in do_print_ex, triggered via asn1_item_print_ctx and ASN1_item_print. CVSS data (NVD) indicates a local, low-complexity exploit with no authentication required; potential high impact ...

7.1CVSS6.9AI score0.00878EPSS
CVE
CVE
added 2023/04/14 12:0 a.m.76 views

CVE-2021-46880

The CVE-2021-46880 issue affects LibreSSL before 3.4.2 and OpenBSD before 7.0 errata 006, where an error for an unverified certificate chain is sometimes discarded during x509_verify.c processing, allowing authentication bypass. This is documented as a high-impact vulnerability with CVSS 3.1 vect...

9.8CVSS9.6AI score0.00568EPSS
CVE
CVE
added 2018/03/24 9:0 p.m.74 views

CVE-2018-8970

CVE-2018-8970 affects LibreSSL 2.7.0 before 2.7.1, where int_x509_param_set_hosts mishandles a zero-length name, causing silent omission of hostname verification and enabling MITM-style information disclosure. The issue arises from how X509_VERIFY_PARAM_set1_host with namelen=0 is handled, per co...

7.4CVSS6.9AI score0.01056EPSS
CVE
CVE
added 2018/06/15 2:0 a.m.65 views

CVE-2018-12434

CVE-2018-12434 affects LibreSSL up to 2.6.5 and 2.7.x up to 2.7.4, enabling a memory-cache side-channel (ROHNP) during DSA/ECDSA signature generation. An attacker with local access or co-residency on the same physical host can potentially recover a private key. The disclosures in the connected Re...

4.7CVSS4.7AI score0.00321EPSS
CVE
CVE
added 2021/09/24 2:12 a.m.58 views

CVE-2021-41581

The CVE-2021-41581 entry describes a stack-based buffer over-read in LibreSSL’s x509_constraints_parse_mailbox (lib/libcrypto/x509/x509_constraints.c) affecting LibreSSL up to and including 3.4.0, occurring when input exceeds DOMAIN_PART_MAX_LEN and the buffer is not 'terminated' (no termination)...

5.5CVSS5.5AI score0.00625EPSS
CVE
CVE
added 2014/12/29 12:0 a.m.53 views

CVE-2014-9424

CVE-2014-9424 affects LibreSSL prior to 2.1.2. The vulnerability is a double-free in ssl_parse_clienthello_use_srtp_ext() within d1_srtp.c, which can trigger a length-verification error during DTLS handshake and may cause a denial of service (or unspecified impact). The issue is fixed by upgradin...

7.5CVSS7.7AI score0.01796EPSS