|Link||package | bugs open | bugs closed | Wiki | GitHub | web search|
|Description||The Open Source toolkit for Secure Sockets Layer and Transport Layer Security|
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a...
|CVE-2021-23841||AVG-1229||Medium||Yes||Denial of service||
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained...
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to...
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS...
A security issue has been found in OpenSSL before version 1.1.1l. ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which...
OpenSSL 1.0.2 will accept a certificate with explicitly set Basic Constraints to CA:FALSE as a valid CA if it is present in the trusted bundle.
|CVE-2020-1971||AVG-1229||High||Yes||Denial of service||
A denial of service security issue was discovered in OpenSSL before 1.1.1i. The X.509 GeneralName type is a generic type for representing different types of...
|CVE-2020-1968||AVG-1229||Medium||Yes||Private key recovery||
A flaw was found in openssl in versions 1.0.2 to 1.0.2w. A Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able...
A padding oracle has been found in OpenSSL versions prior to 1.0.2r. This issue does not impact OpenSSL 1.1.1 or 1.1.0. If an application encounters a fatal...
|CVE-2018-5407||AVG-807||Low||No||Private key recovery||
A vulnerability has been found in the ECC scalar multiplication implementation of OpenSSL < 1.1.0i and <= 1.0.2p. The implementation, used in e.g. ECDSA and...
|CVE-2018-0737||AVG-677||Low||No||Private key recovery||
A cache-timing side channel attack in the RSA key generation algorithm has been found in OpenSSL <= 1.1.0h and <= 1.0.2o. An attacker with sufficient access...
|CVE-2018-0734||AVG-807||Low||Yes||Private key recovery||
A timing vulnerability has been found in DSA signature generation in openssl versions up to and including 1.1.1, where information is leaked via a side...
|CVE-2018-0732||AVG-677||Low||Yes||Denial of service||
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause...
|CVE-2017-3738||AVG-550||Medium||Yes||Private key recovery||
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected....
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then...
A carry propagation bug has been found in OpenSSL < 1.1.0g in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests...
|CVE-2017-3735||AVG-479||Low||Yes||Denial of service||
A security issue has been found in OpenSSL < 1.1.0g. If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer...
|02 Mar 2019||ASA-201903-2||AVG-917||Medium||information disclosure|
|08 Dec 2018||ASA-201812-8||AVG-807||Low||private key recovery|
|16 Dec 2017||ASA-201712-9||AVG-479||Medium||multiple issues|