CVE-2021-23841 | Medium | Yes | Denial of service | The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained... |
CVE-2021-23840 | Low | Yes | Incorrect calculation | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to... |
CVE-2021-23839 | Low | Yes | Incorrect calculation | OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS... |
CVE-2021-3712 | Medium | Yes | Information disclosure | A security issue has been found in OpenSSL before version 1.1.1l. ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which... |
CVE-2021-3601 | Low | Yes | Insufficient validation | OpenSSL 1.0.2 will accept a certificate with explicitly set Basic Constraints to CA:FALSE as a valid CA if it is present in the trusted bundle. |
CVE-2020-1971 | High | Yes | Denial of service | A denial of service security issue was discovered in OpenSSL before 1.1.1i. The X.509 GeneralName type is a generic type for representing different types of... |
CVE-2020-1968 | Medium | Yes | Private key recovery | A flaw was found in openssl in versions 1.0.2 to 1.0.2w. A Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able... |