OpenBSD

LibreSSL

12 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.11%
  • Published 16.06.2023 20:15:09
  • Last modified 21.11.2024 08:08:41

A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.

  • EPSS 0.03%
  • Published 15.04.2023 00:15:07
  • Last modified 07.02.2025 16:15:33

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.

  • EPSS 0.07%
  • Published 12.04.2023 05:15:07
  • Last modified 10.02.2025 17:15:15

An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returne...

Exploit
  • EPSS 0.3%
  • Published 24.09.2021 03:15:06
  • Last modified 21.11.2024 06:26:27

x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.

Exploit
  • EPSS 0.22%
  • Published 01.07.2021 03:15:07
  • Last modified 21.11.2024 04:39:49

LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).

Exploit
  • EPSS 0.22%
  • Published 01.07.2021 03:15:07
  • Last modified 21.11.2024 04:39:49

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).

Exploit
  • EPSS 2.09%
  • Published 23.01.2020 21:15:12
  • Last modified 21.11.2024 02:32:48

Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

Exploit
  • EPSS 9.91%
  • Published 23.01.2020 20:15:12
  • Last modified 21.11.2024 02:32:48

Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflo...

  • EPSS 0.15%
  • Published 15.06.2018 02:29:00
  • Last modified 21.11.2024 03:45:12

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a di...

  • EPSS 0.75%
  • Published 24.03.2018 21:29:00
  • Last modified 21.11.2024 04:14:42

The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in...