openssl-1.0

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Unknown
Version Removed

Open

Group Affected Fixed Severity Status Ticket
AVG-2730 1.0.2.zd-1 1.0.2.ze-1 Medium Unknown
AVG-1229 1.0.2.u-1 High Unknown FS#67858
Issue Group Severity Remote Type Description
CVE-2022-1292 AVG-2730 Medium Unknown Unknown
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.  This script is distributed by some operating systems in a...
CVE-2021-23841 AVG-1229 Medium Yes Denial of service
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained...
CVE-2021-23840 AVG-1229 Low Yes Incorrect calculation
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to...
CVE-2021-23839 AVG-1229 Low Yes Incorrect calculation
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS...
CVE-2021-3712 AVG-1229 Medium Yes Information disclosure
A security issue has been found in OpenSSL before version 1.1.1l. ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which...
CVE-2021-3601 AVG-1229 Low Yes Insufficient validation
OpenSSL 1.0.2 will accept a certificate with explicitly set Basic Constraints to CA:FALSE as a valid CA if it is present in the trusted bundle.
CVE-2020-1971 AVG-1229 High Yes Denial of service
A denial of service security issue was discovered in OpenSSL before 1.1.1i. The X.509 GeneralName type is a generic type for representing different types of...
CVE-2020-1968 AVG-1229 Medium Yes Private key recovery
A flaw was found in openssl in versions 1.0.2 to 1.0.2w. A Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-917 1.0.2.q-1 1.0.2.r-1 Medium Fixed
AVG-807 1.0.2.p-1 1.0.2.q-1 Low Fixed
AVG-677 1.0.2.o-1 1.0.2.p-1 Low Fixed
AVG-550 1.0.2.l-2 1.0.2.n-1 Medium Fixed
AVG-479 1.0.2.l-1 1.0.2.n-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2019-1559 AVG-917 Medium Yes Information disclosure
A padding oracle has been found in OpenSSL versions prior to 1.0.2r. This issue does not impact OpenSSL 1.1.1 or 1.1.0. If an application encounters a fatal...
CVE-2018-5407 AVG-807 Low No Private key recovery
A vulnerability has been found in the ECC scalar multiplication implementation of OpenSSL < 1.1.0i and <= 1.0.2p. The implementation, used in e.g. ECDSA and...
CVE-2018-0737 AVG-677 Low No Private key recovery
A cache-timing side channel attack in the RSA key generation algorithm has been found in OpenSSL <= 1.1.0h and <= 1.0.2o. An attacker with sufficient access...
CVE-2018-0734 AVG-807 Low Yes Private key recovery
A timing vulnerability has been found in DSA signature generation in openssl versions up to and including 1.1.1, where information is leaked via a side...
CVE-2018-0732 AVG-677 Low Yes Denial of service
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause...
CVE-2017-3738 AVG-550 Medium Yes Private key recovery
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected....
CVE-2017-3737 AVG-550 Medium Yes Information disclosure
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then...
CVE-2017-3736 AVG-479 Medium Yes Information disclosure
A carry propagation bug has been found in OpenSSL < 1.1.0g in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests...
CVE-2017-3735 AVG-479 Low Yes Denial of service
A security issue has been found in OpenSSL < 1.1.0g. If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer...

Advisories

Date Advisory Group Severity Type
02 Mar 2019 ASA-201903-2 AVG-917 Medium information disclosure
08 Dec 2018 ASA-201812-8 AVG-807 Low private key recovery
16 Dec 2017 ASA-201712-9 AVG-479 Medium multiple issues