|Created||Thu Nov 2 16:00:17 2017|
|CVE-2017-3738||Medium||Yes||Private key recovery||
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected....
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then...
A carry propagation bug has been found in OpenSSL < 1.1.0g in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests...
|CVE-2017-3735||Low||Yes||Denial of service||
A security issue has been found in OpenSSL < 1.1.0g. If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer...
|17 Dec 2017||ASA-201712-11||lib32-openssl-1.0||multiple issues|