12 matches found
CVE-2023-35784
Concretely affected software and fixes: OpenBSD 7.2 before errata 026 and OpenBSD 7.3 before errata 004 are vulnerable due to a double free or use-after-free after SSL_clear; LibreSSL is vulnerable before 3.6.3 and before 3.7.3 in the 3.7.x line. Remediation is to apply the respective OpenBSD err...
CVE-2015-5334
CVE-2015-5334 is described in CNVD as an off-by-one buffer overflow in LibreSSL’s OBJ_obj2txt() that can be triggered by a crafted X.509 certificate, potentially causing a denial of service or remote code execution. The flaw is attributed to an incorrect fix for CVE-2014-3508. The initial CVE ent...
CVE-2015-5333
CVE-2015-5333 affects LibreSSL prior to 2.3.1. A memory leak in OBJ_obj2txt can be triggered by a large number of ASN.1 object identifiers in X.509 certificates, enabling a remote attacker to cause denial of service via memory consumption. Public sources in the connected documents consistently de...
CVE-2022-48437
CVE-2022-48437 affects LibreSSL prior to 3.6.1 and OpenBSD prior to 7.2 with errata 001. The issue is in x509/x509_verify.c where x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, causing an incorrect error to be returned when a verification callback...
CVE-2017-8301
CVE-2017-8301 affects LibreSSL 2.5.1–2.5.3 and describes a TLS certificate verification weakness that can occur when relying on SSL_get_verify_result for a later check and a user-provided verification callback returns 1, demonstrated by nginx accepting invalid certificates. The core issue is insu...
CVE-2019-25049
LibreSSL 2.9.1–3.2.1 contains an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx). Affected component: LibreSSL’s ASN.1 printing code. Root cause: out-of-bounds read within asn1_item_print_ctx. Impact is described in the CVSS vectors: Confidentiality Impact Partial,...
CVE-2019-25048
Mode C: CVE-2019-25048 affects LibreSSL versions 2.9.1–3.2.1. The vulnerability is a heap-based buffer over-read in do_print_ex, triggered via asn1_item_print_ctx and ASN1_item_print. CVSS data (NVD) indicates a local, low-complexity exploit with no authentication required; potential high impact ...
CVE-2021-46880
The CVE-2021-46880 issue affects LibreSSL before 3.4.2 and OpenBSD before 7.0 errata 006, where an error for an unverified certificate chain is sometimes discarded during x509_verify.c processing, allowing authentication bypass. This is documented as a high-impact vulnerability with CVSS 3.1 vect...
CVE-2018-8970
CVE-2018-8970 affects LibreSSL 2.7.0 before 2.7.1, where int_x509_param_set_hosts mishandles a zero-length name, causing silent omission of hostname verification and enabling MITM-style information disclosure. The issue arises from how X509_VERIFY_PARAM_set1_host with namelen=0 is handled, per co...
CVE-2018-12434
CVE-2018-12434 affects LibreSSL up to 2.6.5 and 2.7.x up to 2.7.4, enabling a memory-cache side-channel (ROHNP) during DSA/ECDSA signature generation. An attacker with local access or co-residency on the same physical host can potentially recover a private key. The disclosures in the connected Re...
CVE-2021-41581
The CVE-2021-41581 entry describes a stack-based buffer over-read in LibreSSL’s x509_constraints_parse_mailbox (lib/libcrypto/x509/x509_constraints.c) affecting LibreSSL up to and including 3.4.0, occurring when input exceeds DOMAIN_PART_MAX_LEN and the buffer is not 'terminated' (no termination)...
CVE-2014-9424
CVE-2014-9424 affects LibreSSL prior to 2.1.2. The vulnerability is a double-free in ssl_parse_clienthello_use_srtp_ext() within d1_srtp.c, which can trigger a length-verification error during DTLS handshake and may cause a denial of service (or unspecified impact). The issue is fixed by upgradin...