Openssl Security Vulnerabilities and Issues — Openssl CVE List

Lucene search

OpensslOpenssl

3 matches found

CVE•added 2019/09/10 5:15 p.m.•429 views

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have ...

4.7CVSS5.6AI score0.00142EPSS

CVE•added 2019/09/10 5:15 p.m.•369 views

CVE-2019-1563

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wi...

4.3CVSS5.5AI score0.00973EPSS

CVE•added 2019/09/10 5:15 p.m.•346 views

CVE-2019-1549

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5.3CVSS5.3AI score0.01039EPSS